ID

VAR-202202-0887


CVE

CVE-2022-21654


TITLE

Envoy  Certificate validation vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2022-006114

DESCRIPTION

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade. Envoy Exists in a certificate validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are currently available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenShift Service Mesh 2.0.9 security update Advisory ID: RHSA-2022:1276-01 Product: Red Hat OpenShift Service Mesh Advisory URL: https://access.redhat.com/errata/RHSA-2022:1276 Issue date: 2022-04-07 CVE Names: CVE-2020-28851 CVE-2020-28852 CVE-2021-3121 CVE-2021-3749 CVE-2021-29482 CVE-2021-29923 CVE-2021-36221 CVE-2021-43565 CVE-2021-43824 CVE-2021-43825 CVE-2021-43826 CVE-2022-21654 CVE-2022-21655 CVE-2022-23606 CVE-2022-23635 CVE-2022-24726 ===================================================================== 1. Summary: Red Hat OpenShift Service Mesh 2.0.9. Red Hat Product Security has rated this update as having a security impact of Important. 2. Relevant releases/architectures: 2.0 - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * envoy: Incorrect configuration handling allows mTLS session re-use without re-validation (CVE-2022-21654) * envoy: Incorrect handling of internal redirects to routes with a direct response entry (CVE-2022-21655) * istio: Unauthenticated control plane denial of service attack due to stack exhaustion (CVE-2022-24726) * golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing - -u- extension (CVE-2020-28851) * golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852) * nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749) * ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482) * golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923) * golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221) * golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565) * envoy: Null pointer dereference when using JWT filter safe_regex match (CVE-2021-43824) * envoy: Use-after-free when response filters increase response data (CVE-2021-43825) * envoy: Use-after-free when tunneling TCP over HTTP (CVE-2021-43826) * envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service (CVE-2022-23606) * istio: unauthenticated control plane denial of service attack (CVE-2022-23635) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: The OpenShift Service Mesh release notes provide information on the features and known issues: https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html 5. Bugs fixed (https://bugzilla.redhat.com/): 1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension 1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function 2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic 2050744 - CVE-2021-43824 envoy: Null pointer dereference when using JWT filter safe_regex match 2050746 - CVE-2021-43825 envoy: Use-after-free when response filters increase response data 2050748 - CVE-2021-43826 envoy: Use-after-free when tunneling TCP over HTTP 2050753 - CVE-2022-21654 envoy: Incorrect configuration handling allows mTLS session re-use without re-validation 2050757 - CVE-2022-21655 envoy: Incorrect handling of internal redirects to routes with a direct response entry 2050758 - CVE-2022-23606 envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service 2057277 - CVE-2022-23635 istio: unauthenticated control plane denial of service attack 2061638 - CVE-2022-24726 istio: Unauthenticated control plane denial of service attack due to stack exhaustion 6. Package List: 2.0: Source: kiali-v1.24.7.redhat1-1.el8.src.rpm servicemesh-2.0.9-3.el8.src.rpm servicemesh-cni-2.0.9-3.el8.src.rpm servicemesh-operator-2.0.9-3.el8.src.rpm servicemesh-prometheus-2.14.0-16.el8.1.src.rpm servicemesh-proxy-2.0.9-3.el8.src.rpm ppc64le: kiali-v1.24.7.redhat1-1.el8.ppc64le.rpm servicemesh-2.0.9-3.el8.ppc64le.rpm servicemesh-cni-2.0.9-3.el8.ppc64le.rpm servicemesh-istioctl-2.0.9-3.el8.ppc64le.rpm servicemesh-mixc-2.0.9-3.el8.ppc64le.rpm servicemesh-mixs-2.0.9-3.el8.ppc64le.rpm servicemesh-operator-2.0.9-3.el8.ppc64le.rpm servicemesh-pilot-agent-2.0.9-3.el8.ppc64le.rpm servicemesh-pilot-discovery-2.0.9-3.el8.ppc64le.rpm servicemesh-prometheus-2.14.0-16.el8.1.ppc64le.rpm servicemesh-proxy-2.0.9-3.el8.ppc64le.rpm s390x: kiali-v1.24.7.redhat1-1.el8.s390x.rpm servicemesh-2.0.9-3.el8.s390x.rpm servicemesh-cni-2.0.9-3.el8.s390x.rpm servicemesh-istioctl-2.0.9-3.el8.s390x.rpm servicemesh-mixc-2.0.9-3.el8.s390x.rpm servicemesh-mixs-2.0.9-3.el8.s390x.rpm servicemesh-operator-2.0.9-3.el8.s390x.rpm servicemesh-pilot-agent-2.0.9-3.el8.s390x.rpm servicemesh-pilot-discovery-2.0.9-3.el8.s390x.rpm servicemesh-prometheus-2.14.0-16.el8.1.s390x.rpm servicemesh-proxy-2.0.9-3.el8.s390x.rpm x86_64: kiali-v1.24.7.redhat1-1.el8.x86_64.rpm servicemesh-2.0.9-3.el8.x86_64.rpm servicemesh-cni-2.0.9-3.el8.x86_64.rpm servicemesh-istioctl-2.0.9-3.el8.x86_64.rpm servicemesh-mixc-2.0.9-3.el8.x86_64.rpm servicemesh-mixs-2.0.9-3.el8.x86_64.rpm servicemesh-operator-2.0.9-3.el8.x86_64.rpm servicemesh-pilot-agent-2.0.9-3.el8.x86_64.rpm servicemesh-pilot-discovery-2.0.9-3.el8.x86_64.rpm servicemesh-prometheus-2.14.0-16.el8.1.x86_64.rpm servicemesh-proxy-2.0.9-3.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. References: https://access.redhat.com/security/cve/CVE-2020-28851 https://access.redhat.com/security/cve/CVE-2020-28852 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-29482 https://access.redhat.com/security/cve/CVE-2021-29923 https://access.redhat.com/security/cve/CVE-2021-36221 https://access.redhat.com/security/cve/CVE-2021-43565 https://access.redhat.com/security/cve/CVE-2021-43824 https://access.redhat.com/security/cve/CVE-2021-43825 https://access.redhat.com/security/cve/CVE-2021-43826 https://access.redhat.com/security/cve/CVE-2022-21654 https://access.redhat.com/security/cve/CVE-2022-21655 https://access.redhat.com/security/cve/CVE-2022-23606 https://access.redhat.com/security/cve/CVE-2022-23635 https://access.redhat.com/security/cve/CVE-2022-24726 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYk9i6NzjgjWX9erEAQjAEhAAmnMX+Vmxv+BfSR/1KoiT5lCYoO0yCwR3 L2bDIAzohd4RaxbTxTRGGg0ibXB22Helse0hfroV/ZVQDhEcVg07QDwB7bdHknz6 hD1YtqBPLY93Vt2bvUq3XQNpv/hcxK9zngW0j4IeB4kRb0TbIz41yb+0SAKHmHqG KkcyqHeUvh/N02Rp4Ylk+B+Rcjfwwu3KJToUl+YwoajitIiu7np7qkftQ5s+uO2u nuxXdSm67L/WiaCq+LBLJpxk7zmZVtq3kTkqiokHFlSpS9NJCMDWvhpbXG1owkiV du9kUoZYa1hAIonX/URZ7HtOgwBOfaa9Jo0vwLp1GkCZEN389mo7+SkM1A/WGsdN rPwS2pe6HNNqSORHM9aoygraBTZeYyzSTCnVIRIggDbCb8DfG+WdITIEM/Jk9UFS +WSSDbJ9oVNPZtXqImtqxT+0FKHdk9My0UWWpJci3XeV6zL7+1ApcPTib7Y0sbRi XBxeV7THZdyiNHk49xE6i96z5QJFkRL/VCgBx3CaiHVqOAv27cR3O6MrP904utyh f3zUPSYIezvUgq65D13XZTruitBd4wMDTPpCqpsBM5JzLoyObKoU/KIr7oasJkbM 5gKHsNsszEfYgaqFmkao55xHHrZLt7x+WaF6dAttUAbl6AalJmEY3C9UcHYIZlGa 8V4YhC5zIXU= =/fvC -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . JIRA issues fixed (https://issues.jboss.org/): OSSM-1074 - Pod annotations defined in SMCP are not injected in the pods OSSM-1234 - RPM Release for Maistra 2.1.2 OSSM-303 - Control Openshift Route Creation for ingress Gateways 7

Trust: 2.43

sources: NVD: CVE-2022-21654 // JVNDB: JVNDB-2022-006114 // CNVD: CNVD-2022-15535 // VULMON: CVE-2022-21654 // PACKETSTORM: 166643 // PACKETSTORM: 166644

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-15535

AFFECTED PRODUCTS

vendor:envoyproxymodel:envoyscope:ltversion:1.19.3

Trust: 1.0

vendor:envoyproxymodel:envoyscope:ltversion:1.18.6

Trust: 1.0

vendor:envoyproxymodel:envoyscope:gteversion:1.19.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:gteversion:1.20.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:ltversion:1.21.1

Trust: 1.0

vendor:envoyproxymodel:envoyscope:gteversion:1.7.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:gteversion:1.21.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:ltversion:1.20.2

Trust: 1.0

vendor:envoy proxymodel:envoyscope: - version: -

Trust: 0.8

vendor:envoy proxymodel:envoyscope:eqversion: -

Trust: 0.8

vendor:envoymodel:envoyscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2022-15535 // JVNDB: JVNDB-2022-006114 // NVD: CVE-2022-21654

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-21654
value: CRITICAL

Trust: 1.0

security-advisories@github.com: CVE-2022-21654
value: HIGH

Trust: 1.0

NVD: CVE-2022-21654
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-15535
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202202-1762
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-21654
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-21654
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-15535
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-21654
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

security-advisories@github.com: CVE-2022-21654
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2022-21654
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-15535 // VULMON: CVE-2022-21654 // JVNDB: JVNDB-2022-006114 // CNNVD: CNNVD-202202-1762 // NVD: CVE-2022-21654 // NVD: CVE-2022-21654

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.0

problemtype:Illegal certificate verification (CWE-295) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-006114 // NVD: CVE-2022-21654

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-1762

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202202-1762

PATCH

title:CVE-2022-21654 GitHuburl:https://github.com/envoyproxy/envoy/commit/e9f936d85dc1edc34fabd0a1725ec180f2316353

Trust: 0.8

title:Patch for Envoy Trust Management Issue Vulnerability (CNVD-2022-15535)url:https://www.cnvd.org.cn/patchInfo/show/322716

Trust: 0.6

title:Envoy Repair measures for trust management problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=184623

Trust: 0.6

title:Red Hat: Important: Red Hat OpenShift Service Mesh 2.1.2 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221275 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat OpenShift Service Mesh 2.0.9 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221276 - Security Advisory

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: CNVD: CNVD-2022-15535 // VULMON: CVE-2022-21654 // JVNDB: JVNDB-2022-006114 // CNNVD: CNNVD-202202-1762

EXTERNAL IDS

db:NVDid:CVE-2022-21654

Trust: 4.1

db:JVNDBid:JVNDB-2022-006114

Trust: 0.8

db:PACKETSTORMid:166644

Trust: 0.7

db:CNVDid:CNVD-2022-15535

Trust: 0.6

db:AUSCERTid:ESB-2022.1505

Trust: 0.6

db:CNNVDid:CNNVD-202202-1762

Trust: 0.6

db:VULMONid:CVE-2022-21654

Trust: 0.1

db:PACKETSTORMid:166643

Trust: 0.1

sources: CNVD: CNVD-2022-15535 // VULMON: CVE-2022-21654 // JVNDB: JVNDB-2022-006114 // PACKETSTORM: 166643 // PACKETSTORM: 166644 // CNNVD: CNNVD-202202-1762 // NVD: CVE-2022-21654

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2022-21654

Trust: 2.2

url:https://github.com/envoyproxy/envoy/commit/e9f936d85dc1edc34fabd0a1725ec180f2316353

Trust: 1.7

url:https://github.com/envoyproxy/envoy/security/advisories/ghsa-5j4x-g36v-m283

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2022-21654

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.1505

Trust: 0.6

url:https://packetstormsecurity.com/files/166644/red-hat-security-advisory-2022-1275-01.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-21654/

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2022:1275

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43825

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-43826

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-24726

Trust: 0.2

url:https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-43825

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-23635

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23606

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-24726

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-21655

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23635

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43824

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43826

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21655

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-23606

Trust: 0.2

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-43824

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/295.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43565

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:1276

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3121

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3749

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28851

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29482

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29923

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-43565

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36221

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-36221

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29923

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28851

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

sources: CNVD: CNVD-2022-15535 // VULMON: CVE-2022-21654 // JVNDB: JVNDB-2022-006114 // PACKETSTORM: 166643 // PACKETSTORM: 166644 // CNNVD: CNNVD-202202-1762 // NVD: CVE-2022-21654

CREDITS

Red Hat

Trust: 0.2

sources: PACKETSTORM: 166643 // PACKETSTORM: 166644

SOURCES

db:CNVDid:CNVD-2022-15535
db:VULMONid:CVE-2022-21654
db:JVNDBid:JVNDB-2022-006114
db:PACKETSTORMid:166643
db:PACKETSTORMid:166644
db:CNNVDid:CNNVD-202202-1762
db:NVDid:CVE-2022-21654

LAST UPDATE DATE

2024-08-14T12:57:33.873000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-15535date:2022-03-01T00:00:00
db:VULMONid:CVE-2022-21654date:2022-03-03T00:00:00
db:JVNDBid:JVNDB-2022-006114date:2023-06-30T06:53:00
db:CNNVDid:CNNVD-202202-1762date:2022-04-13T00:00:00
db:NVDid:CVE-2022-21654date:2022-03-03T18:11:35.557

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-15535date:2022-03-01T00:00:00
db:VULMONid:CVE-2022-21654date:2022-02-22T00:00:00
db:JVNDBid:JVNDB-2022-006114date:2023-06-30T00:00:00
db:PACKETSTORMid:166643date:2022-04-08T15:05:23
db:PACKETSTORMid:166644date:2022-04-08T15:06:03
db:CNNVDid:CNNVD-202202-1762date:2022-02-22T00:00:00
db:NVDid:CVE-2022-21654date:2022-02-22T23:15:11.103