ID

VAR-202106-0521


CVE

CVE-2021-22898


TITLE

curl  Vulnerability in resource initialization deficiency in

Trust: 0.8

sources: JVNDB: JVNDB-2021-008167

DESCRIPTION

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. curl Exists in a flaw in resource initialization.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Gatekeeper Operator v0.2 security updates and bug fixes Advisory ID: RHSA-2022:1081-01 Product: Red Hat ACM Advisory URL: https://access.redhat.com/errata/RHSA-2022:1081 Issue date: 2022-03-28 CVE Names: CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-12762 CVE-2020-13435 CVE-2020-14155 CVE-2020-16135 CVE-2020-24370 CVE-2021-3200 CVE-2021-3445 CVE-2021-3521 CVE-2021-3580 CVE-2021-3712 CVE-2021-3800 CVE-2021-3999 CVE-2021-20231 CVE-2021-20232 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-23177 CVE-2021-28153 CVE-2021-31566 CVE-2021-33560 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-42574 CVE-2021-43565 CVE-2022-23218 CVE-2022-23219 CVE-2022-23308 CVE-2022-23806 CVE-2022-24407 ==================================================================== 1. Summary: Gatekeeper Operator v0.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Gatekeeper Operator v0.2 Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include security updates, and container upgrades. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Note: Gatekeeper support from the Red Hat support team is limited cases where it is integrated and used with Red Hat Advanced Cluster Management for Kubernetes. For support options for any other use, see the Gatekeeper open source project website at: https://open-policy-agent.github.io/gatekeeper/website/docs/howto/. Security updates: * golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565) * golang: crypto/elliptic IsOnCurve returns true for invalid field elements (CVE-2022-23806) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. The requirements to apply the upgraded images are different whether or not you used the operator. Complete the following steps, depending on your installation: - - Upgrade gatekeeper operator: The gatekeeper operator that is installed by the gatekeeper operator policy has `installPlanApproval` set to `Automatic`. This setting means the operator will be upgraded automatically when there is a new version of the operator. No further action is required for upgrade. If you changed the setting for `installPlanApproval` to `manual`, then you must view each cluster to manually approve the upgrade to the operator. - - Upgrade gatekeeper without the operator: The gatekeeper version is specified as part of the Gatekeeper CR in the gatekeeper operator policy. To upgrade the gatekeeper version: a) Determine the latest version of gatekeeper by visiting: https://catalog.redhat.com/software/containers/rhacm2/gatekeeper-rhel8/5fadb4a18d9a79d2f438a5d9. b) Click the tag dropdown, and find the latest static tag. An example tag is 'v3.3.0-1'. c) Edit the gatekeeper operator policy and update the image tag to use the latest static tag. For example, you might change this line to image: 'registry.redhat.io/rhacm2/gatekeeper-rhel8:v3.3.0-1'. Refer to https://open-policy-agent.github.io/gatekeeper/website/docs/howto/ for additional information. 4. Bugs fixed (https://bugzilla.redhat.com/): 2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic 2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements 5. References: https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3521 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3712 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-3999 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-23177 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-31566 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/cve/CVE-2021-43565 https://access.redhat.com/security/cve/CVE-2022-23218 https://access.redhat.com/security/cve/CVE-2022-23219 https://access.redhat.com/security/cve/CVE-2022-23308 https://access.redhat.com/security/cve/CVE-2022-23806 https://access.redhat.com/security/cve/CVE-2022-24407 https://access.redhat.com/security/updates/classification/#moderate https://open-policy-agent.github.io/gatekeeper/website/docs/howto/ 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYkHUf9zjgjWX9erEAQiizw//XXMOXR1Xe/Fp6uV2DCknXEAWJbYuGV43 9a87QSq5ob3vbqGGXQXLU6ENjFtAx37/+5+UqAVbzcj+LQ0lV6Ny9rVzolDT4ltG k7J/BUd/kyr9G5gbiih3D/tm8dLh/rLft8FKgB+hEw+NcXnFlEvW5iEymqAsyH/D mrcgCrASFoWG4S4/JC+g8r1TRHAJj4ERAy4ZpDqn/eoOWY3jD+rPv1VD5Z+XaE07 +jw+mvZukP2l0374Yn3W+g7uVOZ5RSqSpEzBZoSy3ffYAqpK+oQ7eN19DOW7l3tr Ko/4h4OmLcOtIRedyt86xJe+zY7Ovo1cRP1TUgRapZGpTCPjaQ/okOhAIh03uxrx ceCawNnagBB1iglJl29GNRUUUU0JWhbEPDLepSjfsyOwkJxvtUulC/W+RJVfpE7Q LimNdHDJbFWN1x4IujdJNOCjPnBj6sG84PxLIjx5hM07ARRCBfrHutmlBm6Aq8Ej mcNPudtyufYuAqcNx8Pe04kwRmzeukNm/qVvr+ywG1+Rp4yo3mkxplZY+5z7S2sH vsciDeEGg6CAh7Sm/zfN3fpvNei1WhzcSxKsHMLB40ASJU2sMe1tt9b2pPhaHfXK lYnIN38GSqlQUjvb1jy8ymzOT3+73uCjYQrVbsGXoevb1639pasWv5i9dyx27kPb 1PnhEG7/jO4=XPu4 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header 2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable 6. Summary: An update for curl is now available for Red Hat Enterprise Linux 8. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876) * curl: TELNET stack contents disclosure (CVE-2021-22898) * curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure (CVE-2021-22925) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1941964 - CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer 1947493 - Why there is a difference between curl --head output on the RHEL7 and RHEL8. 1964887 - CVE-2021-22898 curl: TELNET stack contents disclosure 1970902 - CVE-2021-22925 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure 6. Package List: Red Hat Enterprise Linux BaseOS (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Clusters and applications are all visible and managed from a single console — with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/ Security updates: * object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 (CVE-2021-23434) * follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) Related bugs: * RHACM 2.2.11 images (Bugzilla #2029508) * ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 (Bugzilla #2030859) 3. Bugs fixed (https://bugzilla.redhat.com/): 1999810 - CVE-2021-23434 object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 2029508 - RHACM 2.2.11 images 2030859 - ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 5. Summary: The Migration Toolkit for Containers (MTC) 1.5.2 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/): 2000734 - CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote code execution 2005438 - Combining Rsync and Stunnel in a single pod can degrade performance (1.5 backport) 2006842 - MigCluster CR remains in "unready" state and source registry is inaccessible after temporary shutdown of source cluster 2007429 - "oc describe" and "oc log" commands on "Migration resources" tree cannot be copied after failed migration 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 5. ========================================================================== Ubuntu Security Notice USN-5894-1 February 27, 2023 curl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in curl. This issue was only fixed in Ubuntu 14.04 ESM. (CVE-2021-22898, CVE-2021-22925) It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-43552) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: curl 7.47.0-1ubuntu2.19+esm7 libcurl3 7.47.0-1ubuntu2.19+esm7 libcurl3-gnutls 7.47.0-1ubuntu2.19+esm7 libcurl3-nss 7.47.0-1ubuntu2.19+esm7 Ubuntu 14.04 ESM: curl 7.35.0-1ubuntu2.20+esm14 libcurl3 7.35.0-1ubuntu2.20+esm14 libcurl3-gnutls 7.35.0-1ubuntu2.20+esm14 libcurl3-nss 7.35.0-1ubuntu2.20+esm14 In general, a standard system update will make all the necessary changes

Trust: 2.34

sources: NVD: CVE-2021-22898 // JVNDB: JVNDB-2021-008167 // VULMON: CVE-2021-22898 // PACKETSTORM: 166489 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 164886 // PACKETSTORM: 166309 // PACKETSTORM: 165099 // PACKETSTORM: 171153

AFFECTED PRODUCTS

vendor:oraclemodel:mysql serverscope:ltversion:8.0.25

Trust: 1.0

vendor:haxxmodel:curlscope:lteversion:7.76.1

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:oraclemodel:mysql serverscope:ltversion:5.7.34

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:eqversion:9.1.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:oraclemodel:essbasescope:ltversion:11.1.2.4.047

Trust: 1.0

vendor:oraclemodel:essbasescope:ltversion:21.3

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:8.2.12

Trust: 1.0

vendor:oraclemodel:communications cloud native core service communication proxyscope:eqversion:1.15.0

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:9.0.6

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:1.11.0

Trust: 1.0

vendor:siemensmodel:sinec infrastructure network servicesscope:ltversion:1.0.1.1

Trust: 1.0

vendor:oraclemodel:communications cloud native core network function cloud native environmentscope:eqversion:1.10.0

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:9.0.0

Trust: 1.0

vendor:oraclemodel:mysql serverscope:gteversion:8.0.15

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:1.15.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core network slice selection functionscope:eqversion:1.8.0

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:8.2.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:1.15.1

Trust: 1.0

vendor:haxxmodel:curlscope:gteversion:7.7

Trust: 1.0

vendor:oraclemodel:essbasescope:gteversion:21.0

Trust: 1.0

vendor:オラクルmodel:oracle essbase serverscope: - version: -

Trust: 0.8

vendor:オラクルmodel:mysqlscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:apachemodel:guacamolescope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:haxxmodel:curlscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-008167 // NVD: CVE-2021-22898

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22898
value: LOW

Trust: 1.0

NVD: CVE-2021-22898
value: LOW

Trust: 0.8

CNNVD: CNNVD-202105-1685
value: LOW

Trust: 0.6

VULMON: CVE-2021-22898
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-22898
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2021-22898
baseSeverity: LOW
baseScore: 3.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.6
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2021-22898
baseSeverity: LOW
baseScore: 3.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-22898 // JVNDB: JVNDB-2021-008167 // CNNVD: CNNVD-202105-1685 // NVD: CVE-2021-22898

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.0

problemtype:CWE-909

Trust: 1.0

problemtype:Inadequate resource initialization (CWE-909) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-008167 // NVD: CVE-2021-22898

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 171153 // CNNVD: CNNVD-202105-1685

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202105-1685

PATCH

title:Oracle Critical Patch Update Advisory - January 2022url:https://lists.apache.org/thread/ypcjpttlozwxngl5s2x4gco3hnbmx1t8

Trust: 0.8

title:HAXX libcurl Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=155744

Trust: 0.6

title:Debian CVElist Bug Report Logs: curl: CVE-2021-22898: TELNET stack contents disclosureurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=06890b233289ebfb9c405fee6437c7b1

Trust: 0.1

title:Red Hat: CVE-2021-22898url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-22898

Trust: 0.1

title:Amazon Linux AMI: ALAS-2021-1509url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1509

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-9] lib32-libcurl-gnutls: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-9

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-8] libcurl-gnutls: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-8

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1653url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1653

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-22898 log

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-4] curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-4

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-7] lib32-libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-7

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-5] lib32-curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-5

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-60] lib32-curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-60

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-61] libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-61

Trust: 0.1

title:Arch Linux Advisories: [ASA-202106-6] libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-6

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-64] lib32-libcurl-gnutls: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-64

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-62] lib32-libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-62

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-63] libcurl-gnutls: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-63

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1700url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1700

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-59] curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-59

Trust: 0.1

title:Debian Security Advisories: DSA-5197-1 curl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=d9b734e3e9b6712333c95a6263dead82

Trust: 0.1

title:Red Hat: Moderate: Release of OpenShift Serverless 1.20.0url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220434 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift distributed tracing 2.1.0 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220318 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Release of containers for OSP 16.2 director operator tech previewurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220842 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Gatekeeper Operator v0.2 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221081 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat OpenShift GitOps security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220580 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220856 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221396 - Security Advisory

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=4a9822530e6b610875f83ffc10e02aba

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title:CVE-2021-22898url:https://github.com/AlAIAL90/CVE-2021-22898

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2021-22898

Trust: 0.1

title:trivy-operatorurl:https://github.com/devopstales/trivy-operator

Trust: 0.1

title:log4jnotesurl:https://github.com/kenlavbah/log4jnotes

Trust: 0.1

title:myapp-container-jaxrsurl:https://github.com/akiraabe/myapp-container-jaxrs

Trust: 0.1

sources: VULMON: CVE-2021-22898 // JVNDB: JVNDB-2021-008167 // CNNVD: CNNVD-202105-1685

EXTERNAL IDS

db:NVDid:CVE-2021-22898

Trust: 4.0

db:OPENWALLid:OSS-SECURITY/2021/07/21/4

Trust: 2.4

db:SIEMENSid:SSA-389290

Trust: 1.6

db:HACKERONEid:1176461

Trust: 1.6

db:JVNDBid:JVNDB-2021-008167

Trust: 0.8

db:PACKETSTORMid:166489

Trust: 0.7

db:PACKETSTORMid:164886

Trust: 0.7

db:PACKETSTORMid:165099

Trust: 0.7

db:PACKETSTORMid:166308

Trust: 0.6

db:PACKETSTORMid:165209

Trust: 0.6

db:PACKETSTORMid:165096

Trust: 0.6

db:PACKETSTORMid:165129

Trust: 0.6

db:PACKETSTORMid:165002

Trust: 0.6

db:PACKETSTORMid:162817

Trust: 0.6

db:PACKETSTORMid:169318

Trust: 0.6

db:PACKETSTORMid:165135

Trust: 0.6

db:PACKETSTORMid:165633

Trust: 0.6

db:PACKETSTORMid:166051

Trust: 0.6

db:PACKETSTORMid:165862

Trust: 0.6

db:PACKETSTORMid:163637

Trust: 0.6

db:PACKETSTORMid:166789

Trust: 0.6

db:PACKETSTORMid:165758

Trust: 0.6

db:CS-HELPid:SB2021060321

Trust: 0.6

db:CS-HELPid:SB2021072212

Trust: 0.6

db:CS-HELPid:SB2021111131

Trust: 0.6

db:CS-HELPid:SB2021060128

Trust: 0.6

db:CS-HELPid:SB2021122914

Trust: 0.6

db:CS-HELPid:SB2021071312

Trust: 0.6

db:CS-HELPid:SB2021052711

Trust: 0.6

db:CS-HELPid:SB2021080210

Trust: 0.6

db:CS-HELPid:SB2021052620

Trust: 0.6

db:CS-HELPid:SB2022031104

Trust: 0.6

db:AUSCERTid:ESB-2021.3935

Trust: 0.6

db:AUSCERTid:ESB-2022.4266

Trust: 0.6

db:AUSCERTid:ESB-2021.4172

Trust: 0.6

db:AUSCERTid:ESB-2021.4229

Trust: 0.6

db:AUSCERTid:ESB-2022.1071

Trust: 0.6

db:AUSCERTid:ESB-2022.0716

Trust: 0.6

db:AUSCERTid:ESB-2021.3905

Trust: 0.6

db:AUSCERTid:ESB-2022.0245

Trust: 0.6

db:AUSCERTid:ESB-2021.4095

Trust: 0.6

db:AUSCERTid:ESB-2021.2295

Trust: 0.6

db:AUSCERTid:ESB-2021.4059

Trust: 0.6

db:AUSCERTid:ESB-2021.4254

Trust: 0.6

db:AUSCERTid:ESB-2021.3748

Trust: 0.6

db:AUSCERTid:ESB-2021.4019

Trust: 0.6

db:AUSCERTid:ESB-2022.0493

Trust: 0.6

db:AUSCERTid:ESB-2021.1859

Trust: 0.6

db:AUSCERTid:ESB-2022.1837

Trust: 0.6

db:AUSCERTid:ESB-2021.2526

Trust: 0.6

db:AUSCERTid:ESB-2021.2755

Trust: 0.6

db:AUSCERTid:ESB-2022.0394

Trust: 0.6

db:AUSCERTid:ESB-2022.1677

Trust: 0.6

db:AUSCERTid:ESB-2023.3146

Trust: 0.6

db:AUSCERTid:ESB-2021.2494

Trust: 0.6

db:AUSCERTid:ESB-2021.1841

Trust: 0.6

db:CNNVDid:CNNVD-202105-1685

Trust: 0.6

db:VULMONid:CVE-2021-22898

Trust: 0.1

db:PACKETSTORMid:165296

Trust: 0.1

db:PACKETSTORMid:165286

Trust: 0.1

db:PACKETSTORMid:166309

Trust: 0.1

db:PACKETSTORMid:171153

Trust: 0.1

sources: VULMON: CVE-2021-22898 // JVNDB: JVNDB-2021-008167 // PACKETSTORM: 166489 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 164886 // PACKETSTORM: 166309 // PACKETSTORM: 165099 // PACKETSTORM: 171153 // CNNVD: CNNVD-202105-1685 // NVD: CVE-2021-22898

REFERENCES

url:http://www.openwall.com/lists/oss-security/2021/07/21/4

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-22898

Trust: 1.9

url:https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Trust: 1.6

url:https://www.oracle.com/security-alerts/cpujan2022.html

Trust: 1.6

url:https://www.debian.org/security/2022/dsa-5197

Trust: 1.6

url:https://curl.se/docs/cve-2021-22898.html

Trust: 1.6

url:https://hackerone.com/reports/1176461

Trust: 1.6

url:https://www.oracle.com//security-alerts/cpujul2021.html

Trust: 1.6

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.6

url:https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

Trust: 1.6

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 1.2

url:https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3cissues.guacamole.apache.org%3e

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/pooc3uv7v6l4cj5ka2ptwtnuv5y72t3q/

Trust: 1.0

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/

Trust: 0.6

url:https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3cissues.guacamole.apache.org%3e

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/pooc3uv7v6l4cj5ka2ptwtnuv5y72t3q/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0245

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1841

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3905

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3748

Trust: 0.6

url:https://packetstormsecurity.com/files/165862/red-hat-security-advisory-2022-0434-05.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6494763

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021080210

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0716

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021060321

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052620

Trust: 0.6

url:https://packetstormsecurity.com/files/166489/red-hat-security-advisory-2022-1081-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162817/gentoo-linux-security-advisory-202105-36.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0394

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1859

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072212

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4059

Trust: 0.6

url:https://packetstormsecurity.com/files/169318/debian-security-advisory-5197-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/166789/red-hat-security-advisory-2022-1396-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4254

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4095

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4172

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4266

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1837

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1677

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-was-identified-and-remediated-in-the-ibm-maas360-cloud-extender-v2-103-000-051-and-modules/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052711

Trust: 0.6

url:https://packetstormsecurity.com/files/164886/red-hat-security-advisory-2021-4511-03.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111131

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2755

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071312

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1071

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4019

Trust: 0.6

url:https://vigilance.fr/vulnerability/curl-information-disclosure-via-telnet-new-env-variables-35539

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.3146

Trust: 0.6

url:https://packetstormsecurity.com/files/165633/ubuntu-security-notice-usn-5021-2.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165135/red-hat-security-advisory-2021-4914-06.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021122914

Trust: 0.6

url:https://packetstormsecurity.com/files/165129/red-hat-security-advisory-2021-4902-06.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165209/red-hat-security-advisory-2021-5038-04.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165096/red-hat-security-advisory-2021-4845-05.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0493

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021060128

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2526

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3935

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4229

Trust: 0.6

url:https://packetstormsecurity.com/files/165002/red-hat-security-advisory-2021-4032-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165099/red-hat-security-advisory-2021-4848-07.html

Trust: 0.6

url:https://packetstormsecurity.com/files/166051/red-hat-security-advisory-2022-0580-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2494

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2295

Trust: 0.6

url:https://packetstormsecurity.com/files/163637/ubuntu-security-notice-usn-5021-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165758/red-hat-security-advisory-2022-0318-06.html

Trust: 0.6

url:https://packetstormsecurity.com/files/166308/red-hat-security-advisory-2022-0842-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031104

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3712

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-22925

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-22876

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-27645

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-33574

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-35942

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-20231

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-20232

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-20673

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14145

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-14145

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3778

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23841

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-20673

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23840

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20266

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3796

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-28153

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25013

Trust: 0.2

url:https://access.redhat.com/security/vulnerabilities/rhsb-2021-009

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35522

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35524

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25013

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25009

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43527

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25014

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3564

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35521

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-44228

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36331

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36330

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36332

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-17541

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3481

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25009

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25010

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35523

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3573

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-36084

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23177

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23219

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:1081

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33560

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3445

Trust: 0.1

url:https://open-policy-agent.github.io/gatekeeper/website/docs/howto/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3200

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31566

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23308

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3521

Trust: 0.1

url:https://catalog.redhat.com/software/containers/rhacm2/gatekeeper-rhel8/5fadb4a18d9a79d2f438a5d9.

Trust: 0.1

url:https://open-policy-agent.github.io/gatekeeper/website/docs/howto/.

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43565

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-31566

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23177

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23806

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3580

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24504

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27777

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20239

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36158

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35448

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3635

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20284

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36386

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24586

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3348

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26140

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3487

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26146

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31440

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3732

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0129

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23133

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26144

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3679

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36312

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29368

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24588

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29646

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3489

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29660

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26139

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28971

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26143

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3600

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26145

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33200

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29650

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33033

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20194

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26147

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31916

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10001

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24503

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14615

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24502

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:5137

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31829

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26141

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28950

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24587

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24503

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3659

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35524

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35522

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37136

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35523

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:5128

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37137

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21409

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36330

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35521

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4511

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23434

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27645

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0185

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22942

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25710

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4122

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-40346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0466

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0330

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0856

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25709

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3752

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25709

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4019

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4192

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html-single/install/index#installing

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3984

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4193

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25214

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3872

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-39241

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3757

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4848

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23841

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22946

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20266

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3948

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3733

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22947

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36222

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23840

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5894-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-43552

Trust: 0.1

sources: JVNDB: JVNDB-2021-008167 // PACKETSTORM: 166489 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 164886 // PACKETSTORM: 166309 // PACKETSTORM: 165099 // PACKETSTORM: 171153 // CNNVD: CNNVD-202105-1685 // NVD: CVE-2021-22898

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 166489 // PACKETSTORM: 165296 // PACKETSTORM: 165286 // PACKETSTORM: 164886 // PACKETSTORM: 166309 // PACKETSTORM: 165099

SOURCES

db:VULMONid:CVE-2021-22898
db:JVNDBid:JVNDB-2021-008167
db:PACKETSTORMid:166489
db:PACKETSTORMid:165296
db:PACKETSTORMid:165286
db:PACKETSTORMid:164886
db:PACKETSTORMid:166309
db:PACKETSTORMid:165099
db:PACKETSTORMid:171153
db:CNNVDid:CNNVD-202105-1685
db:NVDid:CVE-2021-22898

LAST UPDATE DATE

2024-11-22T19:52:05.682000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-22898date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2021-008167date:2022-03-07T02:20:00
db:CNNVDid:CNNVD-202105-1685date:2023-06-05T00:00:00
db:NVDid:CVE-2021-22898date:2024-03-27T15:47:36.380

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-22898date:2021-06-11T00:00:00
db:JVNDBid:JVNDB-2021-008167date:2022-03-07T00:00:00
db:PACKETSTORMid:166489date:2022-03-28T15:52:16
db:PACKETSTORMid:165296date:2021-12-15T15:27:05
db:PACKETSTORMid:165286date:2021-12-15T15:20:33
db:PACKETSTORMid:164886date:2021-11-10T17:12:32
db:PACKETSTORMid:166309date:2022-03-15T15:44:21
db:PACKETSTORMid:165099date:2021-11-30T14:44:48
db:PACKETSTORMid:171153date:2023-02-28T16:45:47
db:CNNVDid:CNNVD-202105-1685date:2021-05-26T00:00:00
db:NVDid:CVE-2021-22898date:2021-06-11T16:15:11.043