var-202302-0482
Vulnerability from variot
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. (CVE-2022-4304) A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. Under certain conditions. (CVE-2023-0286). Bugs fixed (https://bugzilla.redhat.com/):
2212085 - CVE-2023-3089 openshift: OCP & FIPS mode
- Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide several bug fixes. Bugs fixed (https://bugzilla.redhat.com/):
2171965 - [4.11 clone] Secrets are used in env variables 2176012 - [ODF 4.11] Move the defaults for rookceph operator from configmap to csv 2181405 - CVE-2022-40186 vault: Vault Entity Alias Metadata May Leak Between Aliases With The Same Name Assigned To The Same Entity 2183683 - [ODF 4.11] Deployment of ODF 4.9 over external mode failing with: panic: assignment to entry in nil map in ocs-operator logs 2186456 - Include at ODF 4.11 container images the RHEL8 CVE fix on "openssl"
- Summary:
Multicluster Engine for Kubernetes 2.1.6 General Availability release images, which fix bugs and security updates container images. Description:
Multicluster Engine for Kubernetes 2.1.6 images
Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds.
You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Jira issue addressed:
ACM-3513: MCE 2.1.6 images
Security fix(es):
-
CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability
-
Solution:
For multicluster engine for Kubernetes, see the following documentation for details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/multicluster_engine/multicluster_engine_overview#installing-while-connected-online-mce
- Bugs fixed (https://bugzilla.redhat.com/):
2165824 - CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability
- It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update Advisory ID: RHSA-2023:3354-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2023:3354 Issue date: 2023-06-05 CVE Names: CVE-2006-20001 CVE-2022-4304 CVE-2022-4450 CVE-2022-25147 CVE-2022-43551 CVE-2022-43552 CVE-2023-0215 CVE-2023-0286 CVE-2023-23914 CVE-2023-23915 CVE-2023-23916 CVE-2023-25690 =====================================================================
- Summary:
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
- apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)
- curl: HSTS bypass via IDN (CVE-2022-43551)
- curl: HTTP Proxy deny use-after-free (CVE-2022-43552)
- curl: HSTS ignored on multiple requests (CVE-2023-23914)
- curl: HSTS amnesia with --parallel (CVE-2023-23915)
- curl: HTTP multi-header compression denial of service (CVE-2023-23916)
- httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)
- httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)
- openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
- openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
- openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
- openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
Applications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
2152639 - CVE-2022-43551 curl: HSTS bypass via IDN 2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response 2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte 2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName 2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation 2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF 2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex 2167797 - CVE-2023-23914 curl: HSTS ignored on multiple requests 2167813 - CVE-2023-23915 curl: HSTS amnesia with --parallel 2167815 - CVE-2023-23916 curl: HTTP multi-header compression denial of service 2169652 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64 2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy
-
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
-
References:
https://access.redhat.com/security/cve/CVE-2006-20001 https://access.redhat.com/security/cve/CVE-2022-4304 https://access.redhat.com/security/cve/CVE-2022-4450 https://access.redhat.com/security/cve/CVE-2022-25147 https://access.redhat.com/security/cve/CVE-2022-43551 https://access.redhat.com/security/cve/CVE-2022-43552 https://access.redhat.com/security/cve/CVE-2023-0215 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/CVE-2023-23914 https://access.redhat.com/security/cve/CVE-2023-23915 https://access.redhat.com/security/cve/CVE-2023-23916 https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification/#important
- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBZH4jO9zjgjWX9erEAQhdzQ//WjNcrrZ2U8gZyEoQSCNUuGWPbKkm9H5e bdaRIBdB+st5qK0c114J+jSozhjpTsY3FvKVQaIvO5HVpQLXgJZEAjWjTCJPF0R6 zEafAjK8UennjPkXzH7kYfXrGMIyDh+aMj0QN+SQM2IyD34W0Zk3uwjRnO1RlwCN PuPv9RxSTa8SbFAoYkmvI9N1e73Qiwv/50m9dN6DSo1jpLIhiiG15GIB0baoOS05 5Vh8haPq9jmbsHjdyEdDNifgruwm/OipaS6QrcB21T2f0Tsy3Kvn7oUbXC5NxKWZ 1H5RWEnVhFA+pfeY5ZChVYuktqFuhhhsnCcdLzMrzNsDquZXcKP/sRG4Lg6EjrOr sv7ywIgIEAYrHSuXj+b4Bkx1NRKZtMknsfi9Mw3vCARAqvIapBNIthC4dqg0gIiS HoXtsZDoz7GGcguOpcrMuzPOaiJiS8u9M8068JT6k20DSAM/jmL/mkzhaw2GG+KV MRLIaJViehUCrxJ4eht+djH4Mv8aEORWJx81yG91IKsH7nMcBkvqYsHf1qBxm78T L8L1va2P9tS1tA4Dbfp8aKr/Jr/ocMOJhapGCMNnAwsAUErgaGYOSVbYo4Bp2hrG FCsgWJWCB6NQwvRv/CZXar5AMvmVlrOVqYEHjMVQBfVS3Bu12a12EGKtnO3fJAYa 2SvVnChgmv4= =TkYq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . OpenSSL Security Advisory [7th February 2023] =============================================
X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
Severity: High
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING.
When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
OpenSSL versions 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only).
This issue was reported on 11th January 2023 by David Benjamin (Google). The fix was developed by Hugo Landau.
OpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only).
An initial report of a possible timing side channel was made on 14th July 2020 by Hubert Kario (Red Hat). A refined report identifying a specific timing side channel was made on 15th July 2022 by Hubert Kario. The fix was developed by Dmitry Belyavsky (Red Hat) and Hubert Kario.
X.509 Name Constraints Read Buffer Overflow (CVE-2022-4203)
Severity: Moderate
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.
The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory.
OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8.
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
This issue was reported to OpenSSL on 3rd November 2022 by Corey Bonnell from Digicert. The fix was developed by Viktor Dukhovni.
Use-after-free following BIO_new_NDEF (CVE-2023-0215)
Severity: Moderate
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash.
This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.
Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream.
The OpenSSL cms and smime command line applications are similarly affected.
OpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only).
This issue was reported on 29th November 2022 by Octavio Galland and Marcel Böhme (Max Planck Institute for Security and Privacy). The fix was developed by Viktor Dukhovni and Matt Caswell.
Double free after calling PEM_read_bio_ex (CVE-2022-4450)
Severity: Moderate
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack.
The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected.
These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0.
The OpenSSL asn1parse command line application is also impacted by this issue.
OpenSSL 3.0 and 1.1.1 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t.
OpenSSL 1.0.2 is not affected by this issue.
This issue was discovered by CarpetFuzz and reported on 8th December 2022 by Dawei Wang. The fix was developed by Kurt Roeckx and Matt Caswell.
Invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
Severity: Moderate
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions.
The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.
OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8.
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
This issue was reported on 27th December 2022 by Marc Schönefeld. The fix was developed by Tomas Mraz.
NULL dereference validating DSA public key (CVE-2023-0217)
Severity: Moderate
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack.
The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.
OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8.
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
This issue was reported on 27th December 2022 by Kurt Roeckx. The fix was developed by Shane Lontis from Oracle.
NULL dereference during PKCS7 data verification (CVE-2023-0401)
Severity: Moderate
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash.
The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider.
PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.
OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8.
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
This issue was reported on 13th January 2023 by Hubert Kario and Dmitry Belyavsky (Red Hat). The fix was developed by Tomas Mraz.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20230207.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/general/security-policy.html .
This advisory contains OpenShift Virtualization 4.12.6 images. Bugs fixed (https://bugzilla.redhat.com/):
2139896 - Requested TSC frequency outside tolerance range & TSC scaling not supported 2145146 - CDI operator is not creating PrometheusRule resource with alerts if CDI resource is incorrect 2148383 - Migration metrics values are not sum up values from all VMIs 2149409 - HPP mounter deployment can't mount as unprivileged 2168489 - Overview -> Migrations - The ?Bandwidth consumption? Graph display with wrong values 2184435 - [cnv-4.12] virt-handler should not delete any pre-configured mediated devices i these are provided by an external provider 2222191 - [cnv-4.12] manually increasing the number of virt-api pods does not work
- ========================================================================== Ubuntu Security Notice USN-6564-1 January 03, 2024
nodejs vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in Node.js.
Software Description: - nodejs: An open-source, cross-platform JavaScript runtime environment.
Details:
Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-4304)
CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-4450)
Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0215)
David Benjamin discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0286)
Hubert Kario and Dmitry Belyavsky discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0401)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: libnode-dev 12.22.9~dfsg-1ubuntu3.3 libnode72 12.22.9~dfsg-1ubuntu3.3 nodejs 12.22.9~dfsg-1ubuntu3.3
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-0482", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "ucosminexus service platform", "scope": null, "trust": 1.6, "vendor": "\u65e5\u7acb", "version": null }, { "model": "ucosminexus application server", "scope": null, "trust": 1.6, "vendor": "\u65e5\u7acb", "version": null }, { "model": "ucosminexus primary server base", "scope": null, "trust": 1.6, "vendor": "\u65e5\u7acb", "version": null }, { "model": "openssl", "scope": "gte", "trust": 1.0, "vendor": "openssl", "version": "3.0.0" }, { "model": "openssl", "scope": "gte", "trust": 1.0, "vendor": "openssl", "version": "1.0.2" }, { "model": "openssl", "scope": "lt", "trust": 1.0, "vendor": "openssl", "version": "1.0.2zg" }, { "model": "network security", "scope": "gte", "trust": 1.0, "vendor": "stormshield", "version": "4.4.0" }, { "model": "network security", "scope": "gte", "trust": 1.0, "vendor": "stormshield", "version": "2.7.0" }, { "model": "network security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "4.6.3" }, { "model": "network security", "scope": "gte", "trust": 1.0, "vendor": "stormshield", "version": "2.8.0" }, { "model": "network security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "4.3.16" }, { "model": "network security", "scope": "gte", "trust": 1.0, "vendor": "stormshield", "version": "3.8.0" }, { "model": "openssl", "scope": "lt", "trust": 1.0, "vendor": "openssl", "version": "1.1.1t" }, { "model": "openssl", "scope": "lt", "trust": 1.0, "vendor": "openssl", "version": "3.0.8" }, { "model": "openssl", "scope": "gte", "trust": 1.0, "vendor": "openssl", "version": "1.1.1" }, { "model": "sslvpn", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "3.2.1" }, { "model": "network security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "2.7.11" }, { "model": "endpoint security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "7.2.40" }, { "model": "network security", "scope": "gte", "trust": 1.0, "vendor": "stormshield", "version": "4.0.0" }, { "model": "network security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "3.11.22" }, { "model": "network security", "scope": "lt", "trust": 1.0, "vendor": "stormshield", "version": "3.7.34" }, { "model": "hitachi compute systems manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "hitachi tuning manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/performance management - manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/snmp system observer", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "\u30d7\u30ed\u30b0\u30e9\u30df\u30f3\u30b0\u74b0\u5883 for java", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "connexive pf", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "jp1/it desktop management 2 - smart device manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "hitachi tiered storage manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "hitachi configuration manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "nec multimedia olap for \u6620\u50cf\u5206\u6790\u30b5\u30fc\u30d3\u30b9", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "jp1/navigation platform", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/navigation platform for developers", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "openssl", "scope": null, "trust": 0.8, "vendor": "openssl", "version": null }, { "model": "jp1/operations analytics", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/base", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "ix \u30eb\u30fc\u30bf", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "jp1/automatic job management system 3 - manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "\u5f97\u9078\u8857\u30fbgcb", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "jp1/it desktop management 2 - manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/data highway - server", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/it desktop management 2 - operations director", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/performance management - agent option for service response", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "esmpro/serveragent", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "neoface monitor", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "\u990a\u6b96\u9b5a\u30b5\u30a4\u30ba\u6e2c\u5b9a\u81ea\u52d5\u5316\u30b5\u30fc\u30d3\u30b9", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "vran", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "ucosminexus application server-r", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "ucosminexus developer", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/service support", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/service support starter edition", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "webotx application server", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "hitachi device manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/automatic operation", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "ucosminexus service architect", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "spoolserver/reportfiling", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "hitachi global link manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "webotx sip application server", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "cosminexus http server", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "hitachi replication manager", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "iot \u5171\u901a\u57fa\u76e4", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "\u65e5\u7acb\u30a2\u30c9\u30d0\u30f3\u30b9\u30c8\u30b5\u30fc\u30d0 ha8000v \u30b7\u30ea\u30fc\u30ba", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/data highway - server starter edition", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "connexive application platform", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "nec enhanced speech analysis", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "jp1/automatic job management system 3 - definitions assistant", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "jp1/file transmission server/ftp", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0.8", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.1t", "versionStartIncluding": "1.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2zg", "versionStartIncluding": "1.0.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.6.3", "versionStartIncluding": "4.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.3.16", "versionStartIncluding": "4.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.11.22", "versionStartIncluding": "3.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.7.34", "versionStartIncluding": "2.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.11", "versionStartIncluding": "2.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.2.40", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:stormshield:sslvpn:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-4304" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "173547" }, { "db": "PACKETSTORM", "id": "172045" }, { "db": "PACKETSTORM", "id": "172084" }, { "db": "PACKETSTORM", "id": "172737" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "174517" } ], "trust": 0.6 }, "cve": "CVE-2022-4304", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.9, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-4304", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-4304", "trust": 1.8, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE. \n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection. (CVE-2022-4304)\nA use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. Under certain conditions. (CVE-2023-0286). Bugs fixed (https://bugzilla.redhat.com/):\n\n2212085 - CVE-2023-3089 openshift: OCP \u0026 FIPS mode\n\n5. Red Hat\nOpenShift Data Foundation is a highly scalable, production-grade persistent\nstorage for stateful applications running in the Red Hat OpenShift\nContainer Platform. In addition to persistent storage, Red Hat OpenShift\nData Foundation provisions a multicloud data management service with an S3\ncompatible API. \n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to\nthese updated images, which provide several bug fixes. Bugs fixed (https://bugzilla.redhat.com/):\n\n2171965 - [4.11 clone] Secrets are used in env variables\n2176012 - [ODF 4.11] Move the defaults for rookceph operator from configmap to csv\n2181405 - CVE-2022-40186 vault: Vault Entity Alias Metadata May Leak Between Aliases With The Same Name Assigned To The Same Entity\n2183683 - [ODF 4.11] Deployment of ODF 4.9 over external mode failing with: panic: assignment to entry in nil map in ocs-operator logs\n2186456 - Include at ODF 4.11 container images the RHEL8 CVE fix on \"openssl\"\n\n5. Summary:\n\nMulticluster Engine for Kubernetes 2.1.6 General Availability release\nimages,\nwhich fix bugs and security updates container images. Description:\n\nMulticluster Engine for Kubernetes 2.1.6 images\n\nMulticluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds. \n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy. \n\nJira issue addressed:\n\nACM-3513: MCE 2.1.6 images\n\nSecurity fix(es):\n\n* CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service\n(ReDoS) vulnerability\n\n3. Solution:\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/multicluster_engine/multicluster_engine_overview#installing-while-connected-online-mce\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2165824 - CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability\n\n5. It is comprised of the Apache\nTomcat Servlet container, JBoss HTTP Connector (mod_cluster), the\nPicketLink Vault extension for Apache Tomcat, and the Tomcat Native\nlibrary. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update\nAdvisory ID: RHSA-2023:3354-01\nProduct: Red Hat JBoss Core Services\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:3354\nIssue date: 2023-06-05\nCVE Names: CVE-2006-20001 CVE-2022-4304 CVE-2022-4450 \n CVE-2022-25147 CVE-2022-43551 CVE-2022-43552 \n CVE-2023-0215 CVE-2023-0286 CVE-2023-23914 \n CVE-2023-23915 CVE-2023-23916 CVE-2023-25690 \n=====================================================================\n\n1. Summary:\n\nAn update is now available for Red Hat JBoss Core Services Apache HTTP\nServer 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51\nService Pack 2 serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and\nenhancements, which are documented in the Release Notes document linked to\nin the References. \n\nSecurity Fix(es):\n\n* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)\n* curl: HSTS bypass via IDN (CVE-2022-43551)\n* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)\n* curl: HSTS ignored on multiple requests (CVE-2023-23914)\n* curl: HSTS amnesia with --parallel (CVE-2023-23915)\n* curl: HTTP multi-header compression denial of service (CVE-2023-23916)\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n* httpd: HTTP request splitting with mod_rewrite and mod_proxy\n(CVE-2023-25690)\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n* openssl: X.400 address type confusion in X.509 GeneralName\n(CVE-2023-0286)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for\nthis update to take effect. After installing the updated packages, the\nhttpd daemon will be restarted automatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2152639 - CVE-2022-43551 curl: HSTS bypass via IDN\n2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response\n2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte\n2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName\n2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation\n2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF\n2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex\n2167797 - CVE-2023-23914 curl: HSTS ignored on multiple requests\n2167813 - CVE-2023-23915 curl: HSTS amnesia with --parallel\n2167815 - CVE-2023-23916 curl: HTTP multi-header compression denial of service\n2169652 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64\n2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy\n\n6. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2006-20001\nhttps://access.redhat.com/security/cve/CVE-2022-4304\nhttps://access.redhat.com/security/cve/CVE-2022-4450\nhttps://access.redhat.com/security/cve/CVE-2022-25147\nhttps://access.redhat.com/security/cve/CVE-2022-43551\nhttps://access.redhat.com/security/cve/CVE-2022-43552\nhttps://access.redhat.com/security/cve/CVE-2023-0215\nhttps://access.redhat.com/security/cve/CVE-2023-0286\nhttps://access.redhat.com/security/cve/CVE-2023-23914\nhttps://access.redhat.com/security/cve/CVE-2023-23915\nhttps://access.redhat.com/security/cve/CVE-2023-23916\nhttps://access.redhat.com/security/cve/CVE-2023-25690\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBZH4jO9zjgjWX9erEAQhdzQ//WjNcrrZ2U8gZyEoQSCNUuGWPbKkm9H5e\nbdaRIBdB+st5qK0c114J+jSozhjpTsY3FvKVQaIvO5HVpQLXgJZEAjWjTCJPF0R6\nzEafAjK8UennjPkXzH7kYfXrGMIyDh+aMj0QN+SQM2IyD34W0Zk3uwjRnO1RlwCN\nPuPv9RxSTa8SbFAoYkmvI9N1e73Qiwv/50m9dN6DSo1jpLIhiiG15GIB0baoOS05\n5Vh8haPq9jmbsHjdyEdDNifgruwm/OipaS6QrcB21T2f0Tsy3Kvn7oUbXC5NxKWZ\n1H5RWEnVhFA+pfeY5ZChVYuktqFuhhhsnCcdLzMrzNsDquZXcKP/sRG4Lg6EjrOr\nsv7ywIgIEAYrHSuXj+b4Bkx1NRKZtMknsfi9Mw3vCARAqvIapBNIthC4dqg0gIiS\nHoXtsZDoz7GGcguOpcrMuzPOaiJiS8u9M8068JT6k20DSAM/jmL/mkzhaw2GG+KV\nMRLIaJViehUCrxJ4eht+djH4Mv8aEORWJx81yG91IKsH7nMcBkvqYsHf1qBxm78T\nL8L1va2P9tS1tA4Dbfp8aKr/Jr/ocMOJhapGCMNnAwsAUErgaGYOSVbYo4Bp2hrG\nFCsgWJWCB6NQwvRv/CZXar5AMvmVlrOVqYEHjMVQBfVS3Bu12a12EGKtnO3fJAYa\n2SvVnChgmv4=\n=TkYq\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. OpenSSL Security Advisory [7th February 2023]\n=============================================\n\nX.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n=================================================================\n\nSeverity: High\n\nThere is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING. \n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network. \n\nOpenSSL versions 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \nOpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. \nOpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers\nonly). \n\nThis issue was reported on 11th January 2023 by David Benjamin (Google). \nThe fix was developed by Hugo Landau. \n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \nOpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. \nOpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers\nonly). \n\nAn initial report of a possible timing side channel was made on 14th July 2020\nby Hubert Kario (Red Hat). A refined report identifying a specific timing side\nchannel was made on 15th July 2022 by Hubert Kario. \nThe fix was developed by Dmitry Belyavsky (Red Hat) and Hubert Kario. \n\nX.509 Name Constraints Read Buffer Overflow (CVE-2022-4203)\n===========================================================\n\nSeverity: Moderate\n\nA read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer. \n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory. \n\nOpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue. \n\nThis issue was reported to OpenSSL on 3rd November 2022 by Corey Bonnell\nfrom Digicert. The fix was developed by Viktor Dukhovni. \n\nUse-after-free following BIO_new_NDEF (CVE-2023-0215)\n=====================================================\n\nSeverity: Moderate\n\nThe public API function BIO_new_NDEF is a helper function used for streaming\nASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\nSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\nend user applications. \n\nThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\nBIO onto the front of it to form a BIO chain, and then returns the new head of\nthe BIO chain to the caller. Under certain conditions, for example if a CMS\nrecipient public key is invalid, the new filter BIO is freed and the function\nreturns a NULL result indicating a failure. However, in this case, the BIO chain\nis not properly cleaned up and the BIO passed by the caller still retains\ninternal pointers to the previously freed filter BIO. If the caller then goes on\nto call BIO_pop() on the BIO then a use-after-free will occur. This will most\nlikely result in a crash. \n\nThis scenario occurs directly in the internal function B64_write_ASN1() which\nmay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\nthe BIO. This internal function is in turn called by the public API functions\nPEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\nSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. \n\nOther public API functions that may be impacted by this include\ni2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\ni2d_PKCS7_bio_stream. \n\nThe OpenSSL cms and smime command line applications are similarly affected. \n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \nOpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. \nOpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers\nonly). \n\nThis issue was reported on 29th November 2022 by Octavio Galland and\nMarcel B\u00f6hme (Max Planck Institute for Security and Privacy). The fix was\ndeveloped by Viktor Dukhovni and Matt Caswell. \n\nDouble free after calling PEM_read_bio_ex (CVE-2022-4450)\n=========================================================\n\nSeverity: Moderate\n\nThe function PEM_read_bio_ex() reads a PEM file from a BIO and parses and\ndecodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. \nIf the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are\npopulated with pointers to buffers containing the relevant decoded data. The\ncaller is responsible for freeing those buffers. It is possible to construct a\nPEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex()\nwill return a failure code but will populate the header argument with a pointer\nto a buffer that has already been freed. If the caller also frees this buffer\nthen a double free will occur. This will most likely lead to a crash. This\ncould be exploited by an attacker who has the ability to supply malicious PEM\nfiles for parsing to achieve a denial of service attack. \n\nThe functions PEM_read_bio() and PEM_read() are simple wrappers around\nPEM_read_bio_ex() and therefore these functions are also directly affected. \n\nThese functions are also called indirectly by a number of other OpenSSL\nfunctions including PEM_X509_INFO_read_bio_ex() and\nSSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal\nuses of these functions are not vulnerable because the caller does not free the\nheader argument if PEM_read_bio_ex() returns a failure code. These locations\ninclude the PEM_read_bio_TYPE() functions as well as the decoders introduced in\nOpenSSL 3.0. \n\nThe OpenSSL asn1parse command line application is also impacted by this issue. \n\nOpenSSL 3.0 and 1.1.1 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \nOpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. \n\nOpenSSL 1.0.2 is not affected by this issue. \n\nThis issue was discovered by CarpetFuzz and reported on 8th December 2022 by\nDawei Wang. The fix was developed by Kurt Roeckx and Matt Caswell. \n\nInvalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)\n==================================================================\n\nSeverity: Moderate\n\nAn invalid pointer dereference on read can be triggered when an\napplication tries to load malformed PKCS7 data with the\nd2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. \n\nThe result of the dereference is an application crash which could\nlead to a denial of service attack. The TLS implementation in OpenSSL\ndoes not call this function however third party applications might\ncall these functions on untrusted data. \n\nOpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue. \n\nThis issue was reported on 27th December 2022 by Marc Sch\u00f6nefeld. \nThe fix was developed by Tomas Mraz. \n\nNULL dereference validating DSA public key (CVE-2023-0217)\n==========================================================\n\nSeverity: Moderate\n\nAn invalid pointer dereference on read can be triggered when an\napplication tries to check a malformed DSA public key by the\nEVP_PKEY_public_check() function. This will most likely lead\nto an application crash. This function can be called on public\nkeys supplied from untrusted sources which could allow an attacker\nto cause a denial of service attack. \n\nThe TLS implementation in OpenSSL does not call this function\nbut applications might call the function if there are additional\nsecurity requirements imposed by standards such as FIPS 140-3. \n\nOpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue. \n\nThis issue was reported on 27th December 2022 by Kurt Roeckx. \nThe fix was developed by Shane Lontis from Oracle. \n\nNULL dereference during PKCS7 data verification (CVE-2023-0401)\n===============================================================\n\nSeverity: Moderate\n\nA NULL pointer can be dereferenced when signatures are being\nverified on PKCS7 signed or signedAndEnveloped data. In case the hash\nalgorithm used for the signature is known to the OpenSSL library but\nthe implementation of the hash algorithm is not available the digest\ninitialization will fail. There is a missing check for the return\nvalue from the initialization function which later leads to invalid\nusage of the digest API most likely leading to a crash. \n\nThe unavailability of an algorithm can be caused by using FIPS\nenabled configuration of providers or more commonly by not loading\nthe legacy provider. \n\nPKCS7 data is processed by the SMIME library calls and also by the\ntime stamp (TS) library calls. The TLS implementation in OpenSSL does\nnot call these functions however third party applications would be\naffected if they call these functions to verify signatures on untrusted\ndata. \n\nOpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. \n\nOpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. \n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue. \n\nThis issue was reported on 13th January 2023 by Hubert Kario and\nDmitry Belyavsky (Red Hat). \nThe fix was developed by Tomas Mraz. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20230207.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/general/security-policy.html\n. \n\nThis advisory contains OpenShift Virtualization 4.12.6 images. Bugs fixed (https://bugzilla.redhat.com/):\n\n2139896 - Requested TSC frequency outside tolerance range \u0026 TSC scaling not supported\n2145146 - CDI operator is not creating PrometheusRule resource with alerts if CDI resource is incorrect\n2148383 - Migration metrics values are not sum up values from all VMIs\n2149409 - HPP mounter deployment can\u0027t mount as unprivileged\n2168489 - Overview -\u003e Migrations - The ?Bandwidth consumption? Graph display with wrong values\n2184435 - [cnv-4.12] virt-handler should not delete any pre-configured mediated devices i these are provided by an external provider\n2222191 - [cnv-4.12] manually increasing the number of virt-api pods does not work\n\n5. ==========================================================================\nUbuntu Security Notice USN-6564-1\nJanuary 03, 2024\n\nnodejs vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Node.js. \n\nSoftware Description:\n- nodejs: An open-source, cross-platform JavaScript runtime environment. \n\nDetails:\n\nHubert Kario discovered that Node.js incorrectly handled certain inputs. If a\nuser or an automated system were tricked into opening a specially crafted input\nfile, a remote attacker could possibly use this issue to obtain sensitive\ninformation. (CVE-2022-4304)\n\nCarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain\ninputs. If a user or an automated system were tricked into opening a specially\ncrafted input file, a remote attacker could possibly use this issue to cause a\ndenial of service. (CVE-2022-4450)\n\nOctavio Galland and Marcel B\u00f6hme discovered that Node.js incorrectly handled\ncertain inputs. If a user or an automated system were tricked into opening a\nspecially crafted input file, a remote attacker could possibly use this issue\nto cause a denial of service. (CVE-2023-0215)\n\nDavid Benjamin discovered that Node.js incorrectly handled certain inputs. If a\nuser or an automated system were tricked into opening a specially crafted input\nfile, a remote attacker could possibly use this issue to obtain sensitive\ninformation. (CVE-2023-0286)\n\nHubert Kario and Dmitry Belyavsky discovered that Node.js incorrectly handled\ncertain inputs. If a user or an automated system were tricked into opening a\nspecially crafted input file, a remote attacker could possibly use this issue\nto cause a denial of service. (CVE-2023-0401)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n libnode-dev 12.22.9~dfsg-1ubuntu3.3\n libnode72 12.22.9~dfsg-1ubuntu3.3\n nodejs 12.22.9~dfsg-1ubuntu3.3\n\nIn general, a standard system update will make all the necessary changes", "sources": [ { "db": "NVD", "id": "CVE-2022-4304" }, { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "VULMON", "id": "CVE-2022-4304" }, { "db": "PACKETSTORM", "id": "173547" }, { "db": "PACKETSTORM", "id": "172045" }, { "db": "PACKETSTORM", "id": "172084" }, { "db": "PACKETSTORM", "id": "172737" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "170922" }, { "db": "PACKETSTORM", "id": "174517" }, { "db": "PACKETSTORM", "id": "176366" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-4304", "trust": 3.5 }, { "db": "JVN", "id": "JVNVU90056839", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91676340", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU95292697", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU92598492", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU99464755", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU97200253", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU99752892", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91213144", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU98954443", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-075-04", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-143-02", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-24-046-15", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-222-09", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-255-01", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-166-11", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-320-08", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-194-04", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-003736", "trust": 0.8 }, { "db": "VULMON", "id": "CVE-2022-4304", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "173547", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172045", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172084", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172737", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172734", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "170922", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "174517", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "176366", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-4304" }, { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "PACKETSTORM", "id": "173547" }, { "db": "PACKETSTORM", "id": "172045" }, { "db": "PACKETSTORM", "id": "172084" }, { "db": "PACKETSTORM", "id": "172737" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "170922" }, { "db": "PACKETSTORM", "id": "174517" }, { "db": "PACKETSTORM", "id": "176366" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "id": "VAR-202302-0482", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.24287330499999998 }, "last_update_date": "2024-06-17T11:16:50.530000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "hitachi-sec-2023-135 Software product security information", "trust": 0.8, "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "title": "Red Hat: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2022-4304" }, { "title": "Amazon Linux AMI: ALAS-2023-1683", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2023-1683" }, { "title": "Debian Security Advisories: DSA-5343-1 openssl -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=b6a11b827fe9cfaea9c113b2ad37856f" }, { "title": "Amazon Linux 2: ALAS2-2023-1935", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2023-1935" }, { "title": "Amazon Linux 2: ALAS2-2023-1934", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2023-1934" }, { "title": "Palo Alto Networks Security Advisory: PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=3092389eb9f034e4b8387a75a5ae33f8" }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-4304 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-4304" }, { "db": "JVNDB", "id": "JVNDB-2022-003736" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-203", "trust": 1.0 }, { "problemtype": "others (CWE-Other) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4304" }, { "trust": 1.2, "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "trust": 1.0, "url": "https://security.gentoo.org/glsa/202402-08" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91213144/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99752892/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91676340/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99464755/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu95292697/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu90056839/index.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97200253/index.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92598492/index.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98954443/index.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-04" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-02" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-04" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-222-09" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-255-01" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-15" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4450" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0215" }, { "trust": 0.7, "url": "https://access.redhat.com/security/cve/cve-2022-4304" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2023-0215" }, { "trust": 0.6, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2022-4450" }, { "trust": 0.6, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.6, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0286" }, { "trust": 0.5, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2023-0361" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0361" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2023-0286" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23916" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2023-23916" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.2, "url": "https://issues.redhat.com/):" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-48303" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40897" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-10735" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-40897" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4415" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-45061" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10735" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-4415" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-45061" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-28861" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-28861" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-48303" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0401" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-4304" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://alas.aws.amazon.com/alas-2023-1683.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-26604" }, { "trust": 0.1, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2023-001" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:4114" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-1667" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-2283" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24736" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-24329" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-3089" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-2283" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-1667" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-24736" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-3089" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-26604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-24329" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-40186" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:2023" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40186" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/multicluster_engine/multicluster_engine_overview#installing-while-connected-online-mce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25881" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification#moderate" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0767" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:2061" }, { "trust": 0.1, "url": "https://issues.jboss.org/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-0767" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-25881" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:3421" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=securitypatches\u0026version=5.7" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-25147" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-23915" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-25690" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43552" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-43552" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-23914" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25690" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23914" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-20001" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25147" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:3354" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23915" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43551" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2006-20001" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-43551" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4203" }, { "trust": 0.1, "url": "https://www.openssl.org/policies/general/security-policy.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0216" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0217" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-34969" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-38408" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-3899" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-2602" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-32681" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29469" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-3709" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28321" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-34969" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-29469" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-27536" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-32681" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-3709" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-28321" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28484" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-27536" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-28484" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:4982" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-2603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-2602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-2603" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2023-38408" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-6564-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nodejs/12.22.9~dfsg-1ubuntu3.3" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-4304" }, { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "PACKETSTORM", "id": "173547" }, { "db": "PACKETSTORM", "id": "172045" }, { "db": "PACKETSTORM", "id": "172084" }, { "db": "PACKETSTORM", "id": "172737" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "170922" }, { "db": "PACKETSTORM", "id": "174517" }, { "db": "PACKETSTORM", "id": "176366" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-4304" }, { "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "db": "PACKETSTORM", "id": "173547" }, { "db": "PACKETSTORM", "id": "172045" }, { "db": "PACKETSTORM", "id": "172084" }, { "db": "PACKETSTORM", "id": "172737" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "170922" }, { "db": "PACKETSTORM", "id": "174517" }, { "db": "PACKETSTORM", "id": "176366" }, { "db": "NVD", "id": "CVE-2022-4304" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-08T00:00:00", "db": "VULMON", "id": "CVE-2022-4304" }, { "date": "2023-03-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "date": "2023-07-18T13:35:08", "db": "PACKETSTORM", "id": "173547" }, { "date": "2023-04-26T15:28:12", "db": "PACKETSTORM", "id": "172045" }, { "date": "2023-05-02T15:33:51", "db": "PACKETSTORM", "id": "172084" }, { "date": "2023-06-06T16:32:27", "db": "PACKETSTORM", "id": "172737" }, { "date": "2023-06-06T16:30:34", "db": "PACKETSTORM", "id": "172734" }, { "date": "2023-02-07T12:12:12", "db": "PACKETSTORM", "id": "170922" }, { "date": "2023-09-06T16:39:54", "db": "PACKETSTORM", "id": "174517" }, { "date": "2024-01-03T14:50:24", "db": "PACKETSTORM", "id": "176366" }, { "date": "2023-02-08T20:15:23.887000", "db": "NVD", "id": "CVE-2022-4304" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-09T00:00:00", "db": "VULMON", "id": "CVE-2022-4304" }, { "date": "2024-03-14T03:32:00", "db": "JVNDB", "id": "JVNDB-2022-003736" }, { "date": "2024-02-04T09:15:08.627000", "db": "NVD", "id": "CVE-2022-4304" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "176366" } ], "trust": 0.1 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL\u00a0 side-channel vulnerabilities in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-003736" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "overflow", "sources": [ { "db": "PACKETSTORM", "id": "170922" } ], "trust": 0.1 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.