ID

VAR-202108-2221


CVE

CVE-2021-22925


TITLE

cURL  Vulnerability in using uninitialized resources in

Trust: 0.8

sources: JVNDB: JVNDB-2021-009763

DESCRIPTION

curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. cURL There is a vulnerability in the use of uninitialized resources.Information may be obtained. A has been found in curl. The fix for CVE-2021-22898 doesn't remedy the vulnerability. The highest threat from this vulnerability is to confidentiality. Bugs fixed (https://bugzilla.redhat.com/): 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header 2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1775 - [release-5.2] Syslog output is serializing json incorrectly LOG-1824 - [release-5.2] Rejected by Elasticsearch and unexpected json-parsing LOG-1963 - [release-5.2] CLO panic: runtime error: slice bounds out of range [:-1] LOG-1970 - Applying cluster state is causing elasticsearch to hit an issue and become unusable 6. Description: Red Hat Advanced Cluster Management for Kubernetes 2.2.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console — with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/ Security updates: * object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 (CVE-2021-23434) * follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) Related bugs: * RHACM 2.2.11 images (Bugzilla #2029508) * ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 (Bugzilla #2030859) 3. Bugs fixed (https://bugzilla.redhat.com/): 1999810 - CVE-2021-23434 object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 2029508 - RHACM 2.2.11 images 2030859 - ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 5. Summary: An update is now available for OpenShift Logging 5.3. Bugs fixed (https://bugzilla.redhat.com/): 1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert `FluentdNodeDown` always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding 6. Bugs fixed (https://bugzilla.redhat.com/): 1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 1997017 - unprivileged client fails to get guest agent data 1998855 - Node drain: Sometimes source virt-launcher pod status is Failed and not Completed 2000251 - RoleBinding and ClusterRoleBinding brought in by kubevirt does not get reconciled when kind is ServiceAccount 2001270 - [VMIO] [Warm from Vmware] Snapshot files are not deleted after Successful Import 2001281 - [VMIO] [Warm from VMware] Source VM should not be turned ON if vmio import is removed 2001901 - [4.8.3] NNCP creation failures after nmstate-handler pod deletion 2007336 - 4.8.3 containers 2007776 - Failed to Migrate Windows VM with CDROM (readonly) 2008511 - [CNV-4.8.3] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13 2012890 - With descheduler during multiple VMIs migrations, some VMs are restarted 2025475 - [4.8.3] Upgrade from 2.6 to 4.x versions failed due to vlan-filtering issues 2026881 - [4.8.3] vlan-filtering is getting applied on veth ports 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenShift Container Storage 4.8.5 Security and Bug Fix Update Advisory ID: RHSA-2021:4845-01 Product: Red Hat OpenShift Container Storage Advisory URL: https://access.redhat.com/errata/RHSA-2021:4845 Issue date: 2021-11-29 CVE Names: CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-8037 CVE-2020-12762 CVE-2020-13435 CVE-2020-14155 CVE-2020-16135 CVE-2020-24370 CVE-2020-26301 CVE-2020-28493 CVE-2021-3200 CVE-2021-3426 CVE-2021-3445 CVE-2021-3572 CVE-2021-3580 CVE-2021-3778 CVE-2021-3796 CVE-2021-3800 CVE-2021-20095 CVE-2021-20231 CVE-2021-20232 CVE-2021-20266 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-23840 CVE-2021-23841 CVE-2021-27645 CVE-2021-28153 CVE-2021-28957 CVE-2021-33560 CVE-2021-33574 CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-42574 CVE-2021-42771 ==================================================================== 1. Summary: An update is now available for Red Hat OpenShift Container Storage 4.8.5 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provides a multicloud data management service with an S3 compatible API. Security Fix(es): * nodejs-ssh2: Command injection by calling vulnerable method with untrusted input (CVE-2020-26301) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Previously, when the namespace store target was deleted, no alert was sent to the namespace bucket because of an issue in calculating the namespace bucket health. With this update, the issue in calculating the namespace bucket health is fixed and alerts are triggered as expected. (BZ#1993873) * Previously, the Multicloud Object Gateway (MCG) components performed slowly and there was a lot of pressure on the MCG components due to non-optimized database queries. With this update the non-optimized database queries are fixed which reduces the compute resources and time taken for queries. (BZ#2015939) Red Hat recommends that all users of OpenShift Container Storage apply this update to fix these issues. 3. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1993873 - [4.8.z clone] Alert NooBaaNamespaceBucketErrorState is not triggered when namespacestore's target bucket is deleted 2006958 - CVE-2020-26301 nodejs-ssh2: Command injection by calling vulnerable method with untrusted input 5. References: https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-8037 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2020-26301 https://access.redhat.com/security/cve/CVE-2020-28493 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3426 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3572 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3778 https://access.redhat.com/security/cve/CVE-2021-3796 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-20095 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-20266 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-23840 https://access.redhat.com/security/cve/CVE-2021-23841 https://access.redhat.com/security/cve/CVE-2021-27645 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-28957 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-33574 https://access.redhat.com/security/cve/CVE-2021-35942 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/cve/CVE-2021-42771 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYaTmwtzjgjWX9erEAQiaNhAAlr3+bFLFjRQ2l7VN2PTQ0i7orLBDvxOm ET3lUXgy7WOJl+AD7SgB9ILTdj1vrS1IplbhISNREDCeT9PdOZm1jExlJFVCWFuX QRXz4qpAga+42/5qgDhRcYwW4gcLRzKBmEx0R+pRYU71r/Uiz8wv12mo4kfkxICT prZitHSzkh+ER1BHXbVp6cZxWN7s6BD2D+e/tr2/Hh6IvFkIpfrR2aolasbkebQd HxP6gJDNihvlIAcdjft0xJzdqkAJ+Y/KtuFxHhJbWRG1wfMNV3mf8ebv9qDyojTU 4js1ai82zVqJwZWvZ6ryJltuQBjdPYKGt/ZgzuzzN4CULk7GWt6JGZ7BtswICt9N TiYDfKaD5gADA7f/PTwk4TgjMuxQWFi08bZiJ/ajp2KxzMqoOQhVaVUz5XoeCEaS wGgDxGP0r+2TISbZ+Fc4yPARZRPeUbuNeAPG67isliR+gMofbfuunSNNdN9IzfsT Xp2RyIIoPWf5PzM704VN/B0kv7gkij06bcZ2wBqwmDMJH8aG6ksXe7gjGfFeGoxY BXHI2oZoprsh0TlVRTffRHRc0/0PwYGAUG/lI919gXS5bUhZoK81+MlxNg7uzxtu vbhW2EhwWM/5wqbuyS0P1w/mpS+2mi+QBr/NfxM3+mAx7vFxJKKhCST0dfQtjbqn UnaUyPeShL0=/IPR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202212-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: curl: Multiple Vulnerabilities Date: December 19, 2022 Bugs: #803308, #813270, #841302, #843824, #854708, #867679, #878365 ID: 202212-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Background ========= A command line tool and library for transferring data with URLs. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/curl < 7.86.0 >= 7.86.0 Description ========== Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All curl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/curl-7.86.0" References ========= [ 1 ] CVE-2021-22922 https://nvd.nist.gov/vuln/detail/CVE-2021-22922 [ 2 ] CVE-2021-22923 https://nvd.nist.gov/vuln/detail/CVE-2021-22923 [ 3 ] CVE-2021-22925 https://nvd.nist.gov/vuln/detail/CVE-2021-22925 [ 4 ] CVE-2021-22926 https://nvd.nist.gov/vuln/detail/CVE-2021-22926 [ 5 ] CVE-2021-22945 https://nvd.nist.gov/vuln/detail/CVE-2021-22945 [ 6 ] CVE-2021-22946 https://nvd.nist.gov/vuln/detail/CVE-2021-22946 [ 7 ] CVE-2021-22947 https://nvd.nist.gov/vuln/detail/CVE-2021-22947 [ 8 ] CVE-2022-22576 https://nvd.nist.gov/vuln/detail/CVE-2022-22576 [ 9 ] CVE-2022-27774 https://nvd.nist.gov/vuln/detail/CVE-2022-27774 [ 10 ] CVE-2022-27775 https://nvd.nist.gov/vuln/detail/CVE-2022-27775 [ 11 ] CVE-2022-27776 https://nvd.nist.gov/vuln/detail/CVE-2022-27776 [ 12 ] CVE-2022-27779 https://nvd.nist.gov/vuln/detail/CVE-2022-27779 [ 13 ] CVE-2022-27780 https://nvd.nist.gov/vuln/detail/CVE-2022-27780 [ 14 ] CVE-2022-27781 https://nvd.nist.gov/vuln/detail/CVE-2022-27781 [ 15 ] CVE-2022-27782 https://nvd.nist.gov/vuln/detail/CVE-2022-27782 [ 16 ] CVE-2022-30115 https://nvd.nist.gov/vuln/detail/CVE-2022-30115 [ 17 ] CVE-2022-32205 https://nvd.nist.gov/vuln/detail/CVE-2022-32205 [ 18 ] CVE-2022-32206 https://nvd.nist.gov/vuln/detail/CVE-2022-32206 [ 19 ] CVE-2022-32207 https://nvd.nist.gov/vuln/detail/CVE-2022-32207 [ 20 ] CVE-2022-32208 https://nvd.nist.gov/vuln/detail/CVE-2022-32208 [ 21 ] CVE-2022-32221 https://nvd.nist.gov/vuln/detail/CVE-2022-32221 [ 22 ] CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252 [ 23 ] CVE-2022-35260 https://nvd.nist.gov/vuln/detail/CVE-2022-35260 [ 24 ] CVE-2022-42915 https://nvd.nist.gov/vuln/detail/CVE-2022-42915 [ 25 ] CVE-2022-42916 https://nvd.nist.gov/vuln/detail/CVE-2022-42916 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202212-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.34

sources: NVD: CVE-2021-22925 // JVNDB: JVNDB-2021-009763 // VULHUB: VHN-381399 // VULMON: CVE-2021-22925 // PACKETSTORM: 165287 // PACKETSTORM: 166309 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165096 // PACKETSTORM: 170303

AFFECTED PRODUCTS

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.0.1

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:eqversion:9.1.0

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.3

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.3.1

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:ltversion:3.1

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.4

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:9.0.6

Trust: 1.0

vendor:siemensmodel:sinec infrastructure network servicesscope:ltversion:1.0.1.1

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:9.0.0

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.1.0

Trust: 1.0

vendor:oraclemodel:mysql serverscope:lteversion:8.0.26

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.2.1

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:oraclemodel:mysql serverscope:gteversion:5.7.0

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:8.2.0

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.5

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:oraclemodel:mysql serverscope:gteversion:8.0.0

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.2

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.0

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:8.2.12

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.58

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.57

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.59

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:oraclemodel:mysql serverscope:lteversion:5.7.35

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:haxxmodel:curlscope:ltversion:7.78.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:haxxmodel:curlscope:gteversion:7.7

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.1

Trust: 1.0

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:netappmodel:solidfirescope: - version: -

Trust: 0.8

vendor:オラクルmodel:mysqlscope: - version: -

Trust: 0.8

vendor:オラクルmodel:peoplesoft enterprise peopletoolsscope: - version: -

Trust: 0.8

vendor:haxxmodel:curlscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:netappmodel:hci management nodescope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:シーメンスmodel:sinec infrastructure network servicesscope: - version: -

Trust: 0.8

vendor:netappmodel:clustered data ontapscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-009763 // NVD: CVE-2021-22925

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22925
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-22925
value: MEDIUM

Trust: 0.8

VULHUB: VHN-381399
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-22925
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-381399
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-22925
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2021-22925
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-381399 // JVNDB: JVNDB-2021-009763 // NVD: CVE-2021-22925

PROBLEMTYPE DATA

problemtype:CWE-908

Trust: 1.1

problemtype:CWE-200

Trust: 1.0

problemtype:Use of uninitialized resources (CWE-908) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-381399 // JVNDB: JVNDB-2021-009763 // NVD: CVE-2021-22925

TYPE

code execution

Trust: 0.2

sources: PACKETSTORM: 165287 // PACKETSTORM: 165096

PATCH

title:Oracle Critical Patch Update Advisory - October 2021 Siemens Siemens Security Advisoryurl:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

Trust: 0.8

title:Red Hat: CVE-2021-22925url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-22925

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-22925 log

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-61] libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-61

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-60] lib32-curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-60

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-64] lib32-libcurl-gnutls: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-64

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-62] lib32-libcurl-compat: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-62

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-63] libcurl-gnutls: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-63

Trust: 0.1

title:Arch Linux Advisories: [ASA-202107-59] curl: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-59

Trust: 0.1

sources: VULMON: CVE-2021-22925 // JVNDB: JVNDB-2021-009763

EXTERNAL IDS

db:NVDid:CVE-2021-22925

Trust: 3.4

db:HACKERONEid:1223882

Trust: 1.9

db:SIEMENSid:SSA-389290

Trust: 1.1

db:SIEMENSid:SSA-484086

Trust: 1.1

db:JVNid:JVNVU91709091

Trust: 0.8

db:ICS CERTid:ICSA-22-069-09

Trust: 0.8

db:JVNDBid:JVNDB-2021-009763

Trust: 0.8

db:PACKETSTORMid:165096

Trust: 0.2

db:PACKETSTORMid:165135

Trust: 0.2

db:PACKETSTORMid:170303

Trust: 0.2

db:PACKETSTORMid:166309

Trust: 0.2

db:PACKETSTORMid:165209

Trust: 0.1

db:PACKETSTORMid:165862

Trust: 0.1

db:PACKETSTORMid:165099

Trust: 0.1

db:PACKETSTORMid:166051

Trust: 0.1

db:PACKETSTORMid:166308

Trust: 0.1

db:PACKETSTORMid:166489

Trust: 0.1

db:PACKETSTORMid:165633

Trust: 0.1

db:PACKETSTORMid:165002

Trust: 0.1

db:PACKETSTORMid:164886

Trust: 0.1

db:PACKETSTORMid:165758

Trust: 0.1

db:PACKETSTORMid:165129

Trust: 0.1

db:VULHUBid:VHN-381399

Trust: 0.1

db:VULMONid:CVE-2021-22925

Trust: 0.1

db:PACKETSTORMid:165287

Trust: 0.1

db:PACKETSTORMid:164967

Trust: 0.1

sources: VULHUB: VHN-381399 // VULMON: CVE-2021-22925 // JVNDB: JVNDB-2021-009763 // PACKETSTORM: 165287 // PACKETSTORM: 166309 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165096 // PACKETSTORM: 170303 // NVD: CVE-2021-22925

REFERENCES

url:https://hackerone.com/reports/1223882

Trust: 1.9

url:https://security.gentoo.org/glsa/202212-01

Trust: 1.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-22925

Trust: 1.2

url:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Trust: 1.1

url:https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20210902-0003/

Trust: 1.1

url:https://support.apple.com/kb/ht212804

Trust: 1.1

url:https://support.apple.com/kb/ht212805

Trust: 1.1

url:http://seclists.org/fulldisclosure/2021/sep/39

Trust: 1.1

url:http://seclists.org/fulldisclosure/2021/sep/40

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpujan2022.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/

Trust: 1.0

url:https://jvn.jp/vu/jvnvu91709091/

Trust: 0.8

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-069-09

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-27645

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-33574

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-35942

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.5

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.5

url:https://bugzilla.redhat.com/):

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2021-20266

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-20231

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-20232

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-22898

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-22876

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23841

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23840

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3778

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3796

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25013

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35522

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35524

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25013

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25009

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-14145

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25014

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-14145

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35521

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36331

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3712

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36330

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36332

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-17541

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20317

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43267

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3481

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25009

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25010

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35523

Trust: 0.2

url:https://issues.jboss.org/):

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-27645

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3564

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3573

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20673

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20673

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-28950

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-22946

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20266

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-22947

Trust: 0.2

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/

Trust: 0.1

url:https://security.archlinux.org/cve-2021-22925

Trust: 0.1

url:https://access.redhat.com/security/vulnerabilities/rhsb-2021-009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43527

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35524

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35522

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37136

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44228

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35523

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37137

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21409

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36331

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36330

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:5127

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28153

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22942

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25710

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4122

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-40346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0466

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0330

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0856

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25709

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3752

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25709

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4019

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4192

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html-single/install/index#installing

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3984

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4193

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25214

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3872

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-39241

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23133

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26141

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27777

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26147

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36386

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29650

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24587

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26144

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33033

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3487

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36312

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31829

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31440

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26145

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35448

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3489

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24503

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28971

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26146

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26139

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3679

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24588

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36158

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24504

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33194

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3348

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24503

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20284

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29646

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0129

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3635

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26143

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29368

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20194

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33200

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29660

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26140

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3600

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24586

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20239

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3732

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4627

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31916

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25648

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36385

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-34558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0512

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29923

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-0512

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3733

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36385

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20317

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4914

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25648

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36222

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3656

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20095

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23841

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28493

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-42771

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26301

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26301

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28957

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8037

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8037

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23840

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20095

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28493

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22922

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27782

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27776

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27779

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30115

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22576

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-35260

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22926

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27781

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22945

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32208

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32206

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32207

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27774

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27775

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32205

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27780

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-35252

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42916

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42915

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22923

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32221

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

sources: VULHUB: VHN-381399 // VULMON: CVE-2021-22925 // JVNDB: JVNDB-2021-009763 // PACKETSTORM: 165287 // PACKETSTORM: 166309 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165096 // PACKETSTORM: 170303 // NVD: CVE-2021-22925

CREDITS

Red Hat

Trust: 0.5

sources: PACKETSTORM: 165287 // PACKETSTORM: 166309 // PACKETSTORM: 164967 // PACKETSTORM: 165135 // PACKETSTORM: 165096

SOURCES

db:VULHUBid:VHN-381399
db:VULMONid:CVE-2021-22925
db:JVNDBid:JVNDB-2021-009763
db:PACKETSTORMid:165287
db:PACKETSTORMid:166309
db:PACKETSTORMid:164967
db:PACKETSTORMid:165135
db:PACKETSTORMid:165096
db:PACKETSTORMid:170303
db:NVDid:CVE-2021-22925

LAST UPDATE DATE

2024-11-11T21:08:25.075000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-381399date:2023-01-05T00:00:00
db:JVNDBid:JVNDB-2021-009763date:2022-05-19T08:09:00
db:NVDid:CVE-2021-22925date:2024-03-27T15:11:42.063

SOURCES RELEASE DATE

db:VULHUBid:VHN-381399date:2021-08-05T00:00:00
db:JVNDBid:JVNDB-2021-009763date:2022-05-19T00:00:00
db:PACKETSTORMid:165287date:2021-12-15T15:20:43
db:PACKETSTORMid:166309date:2022-03-15T15:44:21
db:PACKETSTORMid:164967date:2021-11-15T17:25:56
db:PACKETSTORMid:165135date:2021-12-03T16:41:45
db:PACKETSTORMid:165096date:2021-11-29T18:12:32
db:PACKETSTORMid:170303date:2022-12-19T13:48:31
db:NVDid:CVE-2021-22925date:2021-08-05T21:15:11.467