Details of VAR-202205-0881

ID

VAR-202205-0881

CVE

CVE-2022-1629

TITLE

vim/vim Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010778

DESCRIPTION

Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution. vim/vim Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2042536 - OCP 4.10: nfd-topology-updater daemonset fails to get created on worker nodes - forbidden: unable to validate against any security context constraint 2042652 - Unable to deploy hw-event-proxy operator 2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2047308 - Remove metrics and events for master port offsets 2055049 - No pre-caching for NFD images 2055436 - nfd-master tracking the wrong api group 2055439 - nfd-master tracking the wrong api group (operand) 2057569 - nfd-worker: drop 'custom-' prefix from matchFeatures custom rules 2058256 - LeaseDuration for NFD Operator seems to be rather small, causing Operator restarts when running etcd defrag 2062849 - hw event proxy is not binding on ipv6 local address 2066860 - Wrong spec in NFD documentation under `operand` 2066887 - Dependabot alert: Path traversal in github.com/valyala/fasthttp 2066889 - Dependabot alert: Path traversal in github.com/valyala/fasthttp 2067312 - PPT event source is lost when received by the consumer 2077243 - NFD os release label lost after upgrade to ocp 4.10.6 2087511 - NFD SkipRange is wrong causing OLM install problems 2089962 - Node feature Discovery operator installation failed. 2090774 - Add Readme to plugin directory 2091106 - Dependabot alert: Unhandled exception in gopkg.in/yaml.v3 2091142 - Dependabot alert: Unhandled exception in gopkg.in/yaml.v3 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 5. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/ Security update: * nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450) Bug fixes: * Can't install submariner add-ons from UI on unsupported cloud provider (BZ# 2087686) * policy controller addons are Progressing status (unhealthy from backend) on OCP3.11 in ARM hub (BZ# 2088270) * RHACM 2.5.1 images (BZ# 2090802) * Broken link to Submariner manual install instructions (BZ# 2095333) * `The backend service is unavailable` when accessing ACM 2.5 Overview page (BZ# 2096389) * 64 character length causing clusters to unsubscribe (BZ# 2101453) 3. Bugs fixed (https://bugzilla.redhat.com/): 2052573 - CVE-2022-24450 nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account 2087686 - Can't install submariner add-ons from UI on unsupported cloud provider 2088270 - policy controller addons are Progressing status (unhealthy from backend) on OCP3.11 in ARM hub 2090802 - RHACM 2.5.1 images 2095333 - Broken link to Submariner manual install instructions 2096389 - `The backend service is unavailable` when accessing ACM 2.5 Overview page 2101453 - 64 character length causing clusters to unsubscribe 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: ACS 3.71 enhancement and security update Advisory ID: RHSA-2022:5704-01 Product: RHACS Advisory URL: https://access.redhat.com/errata/RHSA-2022:5704 Issue date: 2022-07-25 CVE Names: CVE-2021-40528 CVE-2022-1621 CVE-2022-1629 CVE-2022-22576 CVE-2022-25313 CVE-2022-25314 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782 CVE-2022-29173 CVE-2022-29824 ==================================================================== 1. Summary: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug fixes and feature improvements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Release of ACS 3.71 provides these changes: Security Fix(es): * go-tuf: No protection against rollback attacks for roles other than root (CVE-2022-29173) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. New Features: * New RHACS dashboard and widgets * New default policy for privilege escalation: detects if a deployment is running with a container that has allowPrivilegeEscalation set to true. This policy is enabled by default. The privilege escalation setting is enabled in Kubernetes pods by default. * New default policy for externally exposed service: detects if a deployment has any service that is externally exposed through any methods. The policy is disabled by default. * Ability to assign multiple RHACS roles to users and groups: Allows you to assign multiple roles using key-value pairs to a single user or group. * List of network policies in Deployment tab for violations: A new information section has been added to help resolve a "missing Kubernetes network policy" violation that lists all the Kubernetes network policies applicable to the namespace of the offending deployment. * Alpine 3.16 support for Scanner Enhancements: * Change to roxctl image scan behavior: The default value for the - --include-snoozed option of the roxctl image scan command is set to false. If the --include-snoozed option is set to false, the scan does not include snoozed CVEs. * Diagnostic bundles update: These now include notifiers, auth providers and auth provider groups, access control roles with attached permission set and access scope, and system configuration information. Users with the DebugLogs permission can read listed entities from a generated diagnostic bundle regardless of their respective permissions. * Align OCP4-CIS scanning benchmarks control numbers: The CIS control number has been added to compliance scan results to enable customers to reference the original control from the CIS benchmark standard. Notable technical changes: * eBPF is now the default collection method: Updated the default collection method for Collector to eBPF. Deprecated features: * RenamePolicyCategory and DeletePolicyCategory API endpoints * Permissions: AuthPlugin, AuthProvider, Group, Licenses, Role, User, Indicator, NetworkBaseline, ProcessWhitelist, Risk, APIToken, BackupPlugins, ImageIntegration, Notifier, SignatureIntegration, ImageComponent * Retrieving groups by property * vulns fields of storage.Node object in response payload of v1/nodes * /v1/cves/suppress and /v1/cves/unsuppress Removed features: * Anchore, Tenable, and Docker Trusted Registry integrations * External authorization plug-in for scoped access control * FROM option in the Disallowed Dockerfile line policy field * PodSecurityPolicy (PSP) Kubernetes objects 3. Solution: To take advantage of the new features, bug fixes, and enhancements in RHACS 3.71 you are advised to upgrade to RHACS 3.71.0. For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2082400 - CVE-2022-29173 go-tuf: No protection against rollback attacks for roles other than root 5. JIRA issues fixed (https://issues.jboss.org/): ROX-11898 - Release RHACS 3.71.0 6. References: https://access.redhat.com/security/cve/CVE-2021-40528 https://access.redhat.com/security/cve/CVE-2022-1621 https://access.redhat.com/security/cve/CVE-2022-1629 https://access.redhat.com/security/cve/CVE-2022-22576 https://access.redhat.com/security/cve/CVE-2022-25313 https://access.redhat.com/security/cve/CVE-2022-25314 https://access.redhat.com/security/cve/CVE-2022-27774 https://access.redhat.com/security/cve/CVE-2022-27776 https://access.redhat.com/security/cve/CVE-2022-27782 https://access.redhat.com/security/cve/CVE-2022-29173 https://access.redhat.com/security/cve/CVE-2022-29824 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYuFju9zjgjWX9erEAQiWQw/+OGMhyOtp3q6Ypqpl1hEi3YCkXQOsdzmR V/2ULky7w4rO8xA9u8hZjDtrsxhHmY3PSYv2fRxLAX87d0FJEoUOGJ7JEQT+L+VF 08Zqzz+CRUVBubN27UKdMb8nAZ0S083XleTGd0u/gLTvdejRsfsNvfs+rlOSxv1c mlChC8HXlVg5UH6OAEspZ2P02AZdCgHCnlO5qHQT7BGeFPko4KMXAFf9Hddawffc F9nEC2jDlQ+KXFPTFWIcXnrCE89kQa32QFnks7Tt1RAgG+y2+xJj46LBU/nFeOpJ iu7eLDeKPn4WkmDsLaKIYDtpxXydJhRodnPukQHp4Jxik9HwEwl4L5F4p7bznM6P 6KsihRVrRxfhmHmjm7k43m9u9rNpeey6nrjAKEsZT5wOuNfpgtVAkBrN1fJ4X+tD wEbCeeEXZX1LL2kd8DsUD5Qw4Zs+uaqMqKtuqm9neiEpVOS9/Ktc6hTtt+Cw5l8u XS6NMQZeVl+bTkN6kVzVjSRl2hA5/VWL2Jd9cLjxp3jiIBLpiYZ1Usg8dt0FLgFe 3mQvD7GUMl7nrE4BEF/pwk1tRcEtzZfta5PpqyW2lYX6KXXgwibDND7xv7QXV8GP 2RdFbZC8K+XGCSf/RiD77cH/Uojpto9NnGfnhO3rMeVGnTbUQx57+QEqJLWHfLVQ +tIPRnmepo8=I5j4 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Vim (Vi IMproved) is an updated and improved version of the vi editor. Bugs fixed (https://bugzilla.redhat.com/): 2083924 - CVE-2022-1621 vim: heap buffer overflow 2083931 - CVE-2022-1629 vim: buffer over-read 6. Package List: Red Hat Enterprise Linux AppStream (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Bugs fixed (https://bugzilla.redhat.com/): 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 5

Trust: 2.52

sources: NVD: CVE-2022-1629 // JVNDB: JVNDB-2022-010778 // VULHUB: VHN-419742 // VULMON: CVE-2022-1629 // PACKETSTORM: 168036 // PACKETSTORM: 167666 // PACKETSTORM: 168124 // PACKETSTORM: 167853 // PACKETSTORM: 167838 // PACKETSTORM: 167644 // PACKETSTORM: 167984 // PACKETSTORM: 172122

AFFECTED PRODUCTS

vendor:	vim	model:	vim	scope:	lt	version:	8.2.4925	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	13.0	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	vim	model:	vim	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-010778 // NVD: CVE-2022-1629

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-1629
value:	HIGH
Trust: 1.0
security@huntr.dev:	CVE-2022-1629
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-1629
value:	HIGH
Trust: 0.8
VULHUB:	VHN-419742
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-1629
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-1629
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-419742
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-1629
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
security@huntr.dev:	CVE-2022-1629
baseSeverity:	MEDIUM
baseScore:	6.6
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	4.7
version:	3.0
Trust: 1.0
NVD:	CVE-2022-1629
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-419742 // VULMON: CVE-2022-1629 // JVNDB: JVNDB-2022-010778 // NVD: CVE-2022-1629 // NVD: CVE-2022-1629

PROBLEMTYPE DATA

problemtype:	CWE-126	Trust: 1.1
problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-419742 // JVNDB: JVNDB-2022-010778 // NVD: CVE-2022-1629

TYPE

overflow

Trust: 0.2

sources: PACKETSTORM: 167666 // PACKETSTORM: 167644

PATCH

title:	trailing backslash may cause reading past end of line Apple Apple Security Updates	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/	Trust: 0.8
title:	Red Hat: Moderate: vim security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225319 - Security Advisory	Trust: 0.1
title:	IBM: Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in Vim (CVE-2022-1629)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=75dc112b2a9ad39a0596e95fdf36f8db	Trust: 0.1
title:	IBM: Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1629	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=2b1376ae460945586f54fa928ce7a610	Trust: 0.1
title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-1629	Trust: 0.1
title:	Red Hat: Moderate: ACS 3.71 enhancement and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225704 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Openshift Logging Bug Fix and security update Release (5.2.13)	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225909 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Logging Subsystem 5.4.3 - Red Hat OpenShift security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225556 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Openshift Logging Bug Fix and security update Release (5.3.10)	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225908 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Release of containers for OSP 16.2.z director operator tech preview	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225673 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.5.1 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225531 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225840 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Container Platform 4.11.0 extras and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225070 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Virtualization 4.11.0 Images security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226526 - Security Advisory	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1628	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628	Trust: 0.1
title:	Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225069 - Security Advisory	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1829	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829	Trust: 0.1

sources: VULMON: CVE-2022-1629 // JVNDB: JVNDB-2022-010778

EXTERNAL IDS

db:	NVD	id:	CVE-2022-1629	Trust: 3.6
db:	JVNDB	id:	JVNDB-2022-010778	Trust: 0.8
db:	PACKETSTORM	id:	167853	Trust: 0.2
db:	PACKETSTORM	id:	167838	Trust: 0.2
db:	PACKETSTORM	id:	167644	Trust: 0.2
db:	PACKETSTORM	id:	167666	Trust: 0.2
db:	PACKETSTORM	id:	167984	Trust: 0.2
db:	PACKETSTORM	id:	167985	Trust: 0.1
db:	PACKETSTORM	id:	167778	Trust: 0.1
db:	PACKETSTORM	id:	167845	Trust: 0.1
db:	VULHUB	id:	VHN-419742	Trust: 0.1
db:	VULMON	id:	CVE-2022-1629	Trust: 0.1
db:	PACKETSTORM	id:	168036	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1
db:	PACKETSTORM	id:	172122	Trust: 0.1

sources: VULHUB: VHN-419742 // VULMON: CVE-2022-1629 // JVNDB: JVNDB-2022-010778 // PACKETSTORM: 168036 // PACKETSTORM: 167666 // PACKETSTORM: 168124 // PACKETSTORM: 167853 // PACKETSTORM: 167838 // PACKETSTORM: 167644 // PACKETSTORM: 167984 // PACKETSTORM: 172122 // NVD: CVE-2022-1629

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 1.5
url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.3
url:	https://support.apple.com/kb/ht213488	Trust: 1.2
url:	https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2022/oct/41	Trust: 1.2
url:	https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2022/oct/28	Trust: 1.1
url:	https://security.gentoo.org/glsa/202305-16	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/hip7kg7tvs5yf3qreay2gogut3yubzai/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.7
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2022-1629	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2022-1621	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2022-27776	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-27774	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-25313	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-29824	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-27782	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-22576	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-40528	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-25314	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-1271	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27774	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22576	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40528	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-25314	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-25313	Trust: 0.3
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/hip7kg7tvs5yf3qreay2gogut3yubzai/	Trust: 0.2
url:	https://access.redhat.com/errata/rhsa-2022:5319	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-38561	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.2
url:	https://access.redhat.com/security/team/key/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.2
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.2
url:	https://security.gentoo.org/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1271	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27782	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29824	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27776	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/126.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-speech-services-cartridge-for-ibm-cloud-pak-for-data-is-vulnerable-to-a-buffer-overflow-in-vim-cve-2022-1629/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36084	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28327	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36085	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20838	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5068	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4189	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20095	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24407	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-5827	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3634	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17595	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5827	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3580	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24921	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24370	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13435	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27191	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29162	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25032	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19603	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23772	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13750	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17594	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3737	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-14155	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13751	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19603	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-42771	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21698	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20838	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13750	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36087	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1706	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20231	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-18874	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13751	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20232	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-25219	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28493	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31566	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17594	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17595	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36086	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23806	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1729	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-18218	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5070	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24370	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-28493	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-25032	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23773	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-13435	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24675	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0778	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5242	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1154	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0943	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1420	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27666	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3695	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28735	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3696	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-28915	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3696	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5531	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28736	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28915	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3695	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3697	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28733	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27666	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24450	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28734	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3697	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28737	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-24450	Trust: 0.1
url:	https://issues.jboss.org/):	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5704	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29173	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5908	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-34169	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21540	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21540	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21541	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21541	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-38561	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2845	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2862	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3256	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3296	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3705	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3235	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2889	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0051	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2982	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3520	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3099	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3016	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3278	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-47024	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0054	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4141	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2819	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2946	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3324	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2522	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3134	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3297	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3352	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1725	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3234	Trust: 0.1

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 168036 // PACKETSTORM: 167666 // PACKETSTORM: 167853 // PACKETSTORM: 167838 // PACKETSTORM: 167644 // PACKETSTORM: 167984

SOURCES

db:	VULHUB	id:	VHN-419742
db:	VULMON	id:	CVE-2022-1629
db:	JVNDB	id:	JVNDB-2022-010778
db:	PACKETSTORM	id:	168036
db:	PACKETSTORM	id:	167666
db:	PACKETSTORM	id:	168124
db:	PACKETSTORM	id:	167853
db:	PACKETSTORM	id:	167838
db:	PACKETSTORM	id:	167644
db:	PACKETSTORM	id:	167984
db:	PACKETSTORM	id:	172122
db:	NVD	id:	CVE-2022-1629

LAST UPDATE DATE

2025-04-18T00:56:05.332000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-419742	date:	2022-10-31T00:00:00
db:	VULMON	id:	CVE-2022-1629	date:	2022-10-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-010778	date:	2023-08-17T04:19:00
db:	NVD	id:	CVE-2022-1629	date:	2024-11-21T06:41:07.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-419742	date:	2022-05-10T00:00:00
db:	VULMON	id:	CVE-2022-1629	date:	2022-05-10T00:00:00
db:	JVNDB	id:	JVNDB-2022-010778	date:	2023-08-17T00:00:00
db:	PACKETSTORM	id:	168036	date:	2022-08-10T15:54:58
db:	PACKETSTORM	id:	167666	date:	2022-07-01T15:00:50
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	PACKETSTORM	id:	167853	date:	2022-07-27T17:32:40
db:	PACKETSTORM	id:	167838	date:	2022-07-27T17:26:20
db:	PACKETSTORM	id:	167644	date:	2022-07-01T14:56:38
db:	PACKETSTORM	id:	167984	date:	2022-08-05T14:51:51
db:	PACKETSTORM	id:	172122	date:	2023-05-03T15:29:00
db:	NVD	id:	CVE-2022-1629	date:	2022-05-10T14:15:08.530