ID

VAR-202201-0073


CVE

CVE-2021-46143


TITLE

Red Hat Security Advisory 2022-1069-01

Trust: 0.1

sources: PACKETSTORM: 166496

DESCRIPTION

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. There is a vulnerability in Expat versions before 2.4.3. The vulnerability stems from the fact that m_groupSize in Expat's xmlparse.c does not correctly verify the data boundary when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. No detailed vulnerability details were provided at this time. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: expat security update Advisory ID: RHSA-2022:1069-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:1069 Issue date: 2022-03-28 CVE Names: CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-25235 CVE-2022-25236 CVE-2022-25315 ==================================================================== 1. Summary: An update for expat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Expat is a C library for parsing XML documents. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, applications using the Expat library must be restarted for the update to take effect. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: expat-2.1.0-14.el7_9.src.rpm x86_64: expat-2.1.0-14.el7_9.i686.rpm expat-2.1.0-14.el7_9.x86_64.rpm expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-devel-2.1.0-14.el7_9.i686.rpm expat-devel-2.1.0-14.el7_9.x86_64.rpm expat-static-2.1.0-14.el7_9.i686.rpm expat-static-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: expat-2.1.0-14.el7_9.src.rpm x86_64: expat-2.1.0-14.el7_9.i686.rpm expat-2.1.0-14.el7_9.x86_64.rpm expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-devel-2.1.0-14.el7_9.i686.rpm expat-devel-2.1.0-14.el7_9.x86_64.rpm expat-static-2.1.0-14.el7_9.i686.rpm expat-static-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: expat-2.1.0-14.el7_9.src.rpm ppc64: expat-2.1.0-14.el7_9.ppc.rpm expat-2.1.0-14.el7_9.ppc64.rpm expat-debuginfo-2.1.0-14.el7_9.ppc.rpm expat-debuginfo-2.1.0-14.el7_9.ppc64.rpm expat-devel-2.1.0-14.el7_9.ppc.rpm expat-devel-2.1.0-14.el7_9.ppc64.rpm ppc64le: expat-2.1.0-14.el7_9.ppc64le.rpm expat-debuginfo-2.1.0-14.el7_9.ppc64le.rpm expat-devel-2.1.0-14.el7_9.ppc64le.rpm s390x: expat-2.1.0-14.el7_9.s390.rpm expat-2.1.0-14.el7_9.s390x.rpm expat-debuginfo-2.1.0-14.el7_9.s390.rpm expat-debuginfo-2.1.0-14.el7_9.s390x.rpm expat-devel-2.1.0-14.el7_9.s390.rpm expat-devel-2.1.0-14.el7_9.s390x.rpm x86_64: expat-2.1.0-14.el7_9.i686.rpm expat-2.1.0-14.el7_9.x86_64.rpm expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-devel-2.1.0-14.el7_9.i686.rpm expat-devel-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: expat-debuginfo-2.1.0-14.el7_9.ppc.rpm expat-debuginfo-2.1.0-14.el7_9.ppc64.rpm expat-static-2.1.0-14.el7_9.ppc.rpm expat-static-2.1.0-14.el7_9.ppc64.rpm ppc64le: expat-debuginfo-2.1.0-14.el7_9.ppc64le.rpm expat-static-2.1.0-14.el7_9.ppc64le.rpm s390x: expat-debuginfo-2.1.0-14.el7_9.s390.rpm expat-debuginfo-2.1.0-14.el7_9.s390x.rpm expat-static-2.1.0-14.el7_9.s390.rpm expat-static-2.1.0-14.el7_9.s390x.rpm x86_64: expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-static-2.1.0-14.el7_9.i686.rpm expat-static-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: expat-2.1.0-14.el7_9.src.rpm x86_64: expat-2.1.0-14.el7_9.i686.rpm expat-2.1.0-14.el7_9.x86_64.rpm expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-devel-2.1.0-14.el7_9.i686.rpm expat-devel-2.1.0-14.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: expat-debuginfo-2.1.0-14.el7_9.i686.rpm expat-debuginfo-2.1.0-14.el7_9.x86_64.rpm expat-static-2.1.0-14.el7_9.i686.rpm expat-static-2.1.0-14.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-45960 https://access.redhat.com/security/cve/CVE-2021-46143 https://access.redhat.com/security/cve/CVE-2022-22822 https://access.redhat.com/security/cve/CVE-2022-22823 https://access.redhat.com/security/cve/CVE-2022-22824 https://access.redhat.com/security/cve/CVE-2022-22825 https://access.redhat.com/security/cve/CVE-2022-22826 https://access.redhat.com/security/cve/CVE-2022-22827 https://access.redhat.com/security/cve/CVE-2022-23852 https://access.redhat.com/security/cve/CVE-2022-25235 https://access.redhat.com/security/cve/CVE-2022-25236 https://access.redhat.com/security/cve/CVE-2022-25315 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYkHUz9zjgjWX9erEAQjleA//dK8XzyiK0FY595G0f3CKvLMTMTPEEqf7 3nIHiGzC/lD2o6Y/4ed1iRpndjGVndXyu03AnOFob9P3zqQKBOKiWYcnFNuANAyh WAVTDyjglJ5PvLQe31QHDT1N5KlzN/hskhhyIBgZ+mWq90amXHIX1Xgsy6x72lLD jJF5usHqz4EbIoOn8m0jjDibJFjOOFh2a3qxFnVuMA5+PrcsfnpdVa32I8EMH/sW TODqkz3XLSaaJNWzePOPwZshkriapmU9DqkWdiEVOgJDx0MAn3S5q5MUkHJWRM29 3ZFqQncDQYYYXp8J3AcdX2VXCok0vfIQLWWIvsoGvcpl94lhYsztBGZJttjiVNkV kPX6Wv/W2mMklW7tf0OQOo2Xyh0ZOwB5kfJq7+7SMXzh67M2ifT1Gq7RTAMUProX 3QDm9vVxI7oEBh7HcNychxTaeTwpA2HnGMkUxh0ZX4NkwaOMn0UEBCbxQNXBlPUe 0Qe6srsMV5GSBPk9LoCxpLy+cMc5mya7x1kNS/NZ1CKtqczj4/Oef21I2wqmG/xU 7s9H4o/29X9KhQrOL/sAkqRg2s0yz80Wz1opvXcTgkLj8kzOSN9bQF3ravXXCrUd oqM0cN5PPP/iTqkXs/Dc6HX/iRer15vJ3e4aNu7ZN8+l88mM2BBEmUaDt2ZOHPJb Fq9o8PxEr0c=KN+u -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/): 1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic 5. Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): * Openshift-Gitops: Improper access control allows admin privilege escalation (CVE-2022-1025) * argocd: path traversal and improper access control allows leaking out-of-bound files (CVE-2022-24730) * argocd: path traversal allows leaking out-of-bound files (CVE-2022-24731) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/): 2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files 2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files 2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202209-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Expat: Multiple Vulnerabilities Date: September 29, 2022 Bugs: #791703, #830422, #831918, #833431, #870097 ID: 202209-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/expat < 2.4.9 >= 2.4.9 Description ========== Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Expat users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-libs/expat-2.4.9" References ========= [ 1 ] CVE-2021-45960 https://nvd.nist.gov/vuln/detail/CVE-2021-45960 [ 2 ] CVE-2021-46143 https://nvd.nist.gov/vuln/detail/CVE-2021-46143 [ 3 ] CVE-2022-22822 https://nvd.nist.gov/vuln/detail/CVE-2022-22822 [ 4 ] CVE-2022-22823 https://nvd.nist.gov/vuln/detail/CVE-2022-22823 [ 5 ] CVE-2022-22824 https://nvd.nist.gov/vuln/detail/CVE-2022-22824 [ 6 ] CVE-2022-22825 https://nvd.nist.gov/vuln/detail/CVE-2022-22825 [ 7 ] CVE-2022-22826 https://nvd.nist.gov/vuln/detail/CVE-2022-22826 [ 8 ] CVE-2022-22827 https://nvd.nist.gov/vuln/detail/CVE-2022-22827 [ 9 ] CVE-2022-23852 https://nvd.nist.gov/vuln/detail/CVE-2022-23852 [ 10 ] CVE-2022-23990 https://nvd.nist.gov/vuln/detail/CVE-2022-23990 [ 11 ] CVE-2022-25235 https://nvd.nist.gov/vuln/detail/CVE-2022-25235 [ 12 ] CVE-2022-25236 https://nvd.nist.gov/vuln/detail/CVE-2022-25236 [ 13 ] CVE-2022-25313 https://nvd.nist.gov/vuln/detail/CVE-2022-25313 [ 14 ] CVE-2022-25314 https://nvd.nist.gov/vuln/detail/CVE-2022-25314 [ 15 ] CVE-2022-25315 https://nvd.nist.gov/vuln/detail/CVE-2022-25315 [ 16 ] CVE-2022-40674 https://nvd.nist.gov/vuln/detail/CVE-2022-40674 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202209-24 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. After installing the updated packages, the httpd daemon will be restarted automatically

Trust: 1.62

sources: NVD: CVE-2021-46143 // VULHUB: VHN-411370 // PACKETSTORM: 166496 // PACKETSTORM: 166789 // PACKETSTORM: 166431 // PACKETSTORM: 166437 // PACKETSTORM: 168578 // PACKETSTORM: 169540 // PACKETSTORM: 169541

AFFECTED PRODUCTS

vendor:netappmodel:oncommand workflow automationscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:tenablemodel:nessusscope:gteversion:10.0.0

Trust: 1.0

vendor:netappmodel:solidfire \& hci management nodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci baseboard management controllerscope:eqversion:h610c

Trust: 1.0

vendor:tenablemodel:nessusscope:ltversion:8.15.3

Trust: 1.0

vendor:libexpatmodel:libexpatscope:ltversion:2.4.3

Trust: 1.0

vendor:tenablemodel:nessusscope:ltversion:10.1.1

Trust: 1.0

vendor:netappmodel:hci baseboard management controllerscope:eqversion:h610s

Trust: 1.0

vendor:netappmodel:hci baseboard management controllerscope:eqversion:h615c

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:ltversion:3.1

Trust: 1.0

sources: NVD: CVE-2021-46143

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-46143
value: HIGH

Trust: 1.0

cve@mitre.org: CVE-2021-46143
value: HIGH

Trust: 1.0

VULHUB: VHN-411370
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-46143
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-411370
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-46143
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

cve@mitre.org: CVE-2021-46143
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-411370 // NVD: CVE-2021-46143 // NVD: CVE-2021-46143

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

sources: VULHUB: VHN-411370 // NVD: CVE-2021-46143

TYPE

overflow, code execution

Trust: 0.3

sources: PACKETSTORM: 166496 // PACKETSTORM: 169540 // PACKETSTORM: 169541

EXTERNAL IDS

db:NVDid:CVE-2021-46143

Trust: 1.8

db:OPENWALLid:OSS-SECURITY/2022/01/17/3

Trust: 1.1

db:SIEMENSid:SSA-484086

Trust: 1.1

db:TENABLEid:TNS-2022-05

Trust: 1.1

db:PACKETSTORMid:166431

Trust: 0.2

db:PACKETSTORMid:169540

Trust: 0.2

db:PACKETSTORMid:166496

Trust: 0.2

db:PACKETSTORMid:169541

Trust: 0.2

db:PACKETSTORMid:166437

Trust: 0.2

db:PACKETSTORMid:168578

Trust: 0.2

db:PACKETSTORMid:166433

Trust: 0.1

db:PACKETSTORMid:167008

Trust: 0.1

db:PACKETSTORMid:169788

Trust: 0.1

db:PACKETSTORMid:166976

Trust: 0.1

db:PACKETSTORMid:166348

Trust: 0.1

db:PACKETSTORMid:166516

Trust: 0.1

db:CNVDid:CNVD-2022-04545

Trust: 0.1

db:VULHUBid:VHN-411370

Trust: 0.1

db:PACKETSTORMid:166789

Trust: 0.1

sources: VULHUB: VHN-411370 // PACKETSTORM: 166496 // PACKETSTORM: 166789 // PACKETSTORM: 166431 // PACKETSTORM: 166437 // PACKETSTORM: 168578 // PACKETSTORM: 169540 // PACKETSTORM: 169541 // NVD: CVE-2021-46143

REFERENCES

url:https://security.gentoo.org/glsa/202209-24

Trust: 1.2

url:https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20220121-0006/

Trust: 1.1

url:https://www.tenable.com/security/tns-2022-05

Trust: 1.1

url:https://www.debian.org/security/2022/dsa-5073

Trust: 1.1

url:https://github.com/libexpat/libexpat/issues/532

Trust: 1.1

url:https://github.com/libexpat/libexpat/pull/538

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2022/01/17/3

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2022-22825

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-22822

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-45960

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-25235

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22826

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-22824

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-45960

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22822

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-25315

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-22826

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22827

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-46143

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-23852

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22825

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-22827

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22823

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-25236

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-22823

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-22824

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-23852

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-46143

Trust: 0.6

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-25315

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-25236

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-25235

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-25710

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-23308

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25710

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-31566

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-23177

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3999

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25709

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-23219

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-23218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23177

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-31566

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-25709

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0392

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0261

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0413

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0361

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0359

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0318

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1025

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-23219

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-24407

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-24731

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-23218

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3999

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-24730

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-23308

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-24730

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1025

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33193

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-44224

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-25313

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-36160

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-39275

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-41524

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-33193

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-41524

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23990

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-25314

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-44224

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-36160

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-39275

Trust: 0.2

url:https://access.redhat.com/errata/rhsa-2022:1069

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0492

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-21684

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20231

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20232

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28153

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-41190

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4122

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22898

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22817

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0847

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44716

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:1396

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-3577

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36221

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0532

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22876

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22942

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-3577

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0330

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0516

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21684

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0778

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-0920

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44717

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:1042

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0261

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0318

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0811

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0811

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0413

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0359

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0392

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-24731

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:1039

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-40674

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-25314

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-23990

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-25313

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:7144

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:7143

Trust: 0.1

sources: VULHUB: VHN-411370 // PACKETSTORM: 166496 // PACKETSTORM: 166789 // PACKETSTORM: 166431 // PACKETSTORM: 166437 // PACKETSTORM: 168578 // PACKETSTORM: 169540 // PACKETSTORM: 169541 // NVD: CVE-2021-46143

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 166496 // PACKETSTORM: 166789 // PACKETSTORM: 166431 // PACKETSTORM: 166437 // PACKETSTORM: 169540 // PACKETSTORM: 169541

SOURCES

db:VULHUBid:VHN-411370
db:PACKETSTORMid:166496
db:PACKETSTORMid:166789
db:PACKETSTORMid:166431
db:PACKETSTORMid:166437
db:PACKETSTORMid:168578
db:PACKETSTORMid:169540
db:PACKETSTORMid:169541
db:NVDid:CVE-2021-46143

LAST UPDATE DATE

2024-11-20T21:34:02.254000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-411370date:2022-10-06T00:00:00
db:NVDid:CVE-2021-46143date:2022-10-06T19:11:54.880

SOURCES RELEASE DATE

db:VULHUBid:VHN-411370date:2022-01-06T00:00:00
db:PACKETSTORMid:166496date:2022-03-28T15:54:26
db:PACKETSTORMid:166789date:2022-04-20T15:12:33
db:PACKETSTORMid:166431date:2022-03-24T14:34:35
db:PACKETSTORMid:166437date:2022-03-24T14:40:17
db:PACKETSTORMid:168578date:2022-09-30T14:56:43
db:PACKETSTORMid:169540date:2022-10-27T13:05:19
db:PACKETSTORMid:169541date:2022-10-27T13:05:26
db:NVDid:CVE-2021-46143date:2022-01-06T04:15:07.017